Initial import from FreeBSD RELENG_4:
1 #
2 # Copyright (c) 1998 Robert Nordier
3 # All rights reserved.
4 #
5 # Redistribution and use in source and binary forms are freely
6 # permitted provided that the above copyright notice and this
7 # paragraph and the following disclaimer are duplicated in all
8 # such forms.
9 #
10 # This software is provided "AS IS" and without any express or
11 # implied warranties, including, without limitation, the implied
12 # warranties of merchantability and fitness for a particular
13 # purpose.
14 #
15
16 # $FreeBSD: src/sys/boot/i386/btx/btx/btx.s,v 1.15.2.4 2000/12/28 12:08:22 ps Exp $
17
18 #
19 # Memory layout.
   #
   # Two pairs of names below share one address (MEM_ESP0/MEM_BUF and
   # MEM_ESP1/MEM_IDT). An x86 stack grows down from its initial pointer,
   # so each stack lies below the shared address, while init builds the
   # IDT upward from MEM_IDT (the scratch buffer presumably also grows
   # upward -- confirm in the dump routine, which is outside this view).
20 #
21                 .set MEM_BTX,0x1000             # Start of BTX memory
22                 .set MEM_ESP0,0x1800            # Supervisor stack
23                 .set MEM_BUF,0x1800             # Scratch buffer
24                 .set MEM_ESP1,0x1e00            # Link stack
25                 .set MEM_IDT,0x1e00             # IDT
26                 .set MEM_TSS,0x1f98             # TSS
27                 .set MEM_MAP,0x2000             # I/O bit map
28                 .set MEM_DIR,0x4000             # Page directory
29                 .set MEM_TBL,0x5000             # Page tables
30                 .set MEM_ORG,0x9000             # BTX code
31                 .set MEM_USR,0xa000             # Start of user memory
32 #
33 # Paging control.
   # PAG_SIZ * PAG_CNT = 0x1000000 bytes (16 MB) of address space mapped.
34 #
35                 .set PAG_SIZ,0x1000             # Page size
36                 .set PAG_CNT,0x1000             # Pages to map
37 #
38 # Segment selectors.
   # The |3 on the two user selectors sets the requested privilege
   # level field of the selector to 3.
39 #
40                 .set SEL_SCODE,0x8              # Supervisor code
41                 .set SEL_SDATA,0x10             # Supervisor data
42                 .set SEL_RCODE,0x18             # Real mode code
43                 .set SEL_RDATA,0x20             # Real mode data
44                 .set SEL_UCODE,0x28|3           # User code
45                 .set SEL_UDATA,0x30|3           # User data
46                 .set SEL_TSS,0x38               # TSS
47 #
48 # Task state segment fields.
   # Byte offsets from the start of the TSS.
49 #
50                 .set TSS_ESP0,0x4               # PL 0 ESP
51                 .set TSS_SS0,0x8                # PL 0 SS
52                 .set TSS_ESP1,0xc               # PL 1 ESP
53                 .set TSS_MAP,0x66               # I/O bit map base
54 #
55 # System calls.
56 #
57                 .set SYS_EXIT,0x0               # Exit
58                 .set SYS_EXEC,0x1               # Exec
59 #
60 # V86 constants.
   #
   # V86_FLG is the set of EFLAGS bits that the emulated POPF/IRET in
   # v86popf lets a V86 client change: bits 0-7, 9-11 (IF, DF, OF), 15
   # and 21 (ID). Not in the mask, and therefore preserved from the old
   # flags: TF (8), IOPL (12-13), NT (14) and bits 16-20 (RF, VM, AC,
   # VIF, VIP).
61 #
62                 .set V86_FLG,0x208eff           # V86 flag mask
63                 .set V86_STK,0x400              # V86 stack allowance
64 #
65 # Dump format control bytes.
66 #
67                 .set DMP_X16,0x1                # Word
68                 .set DMP_X32,0x2                # Long
69                 .set DMP_MEM,0x4                # Memory
70                 .set DMP_EOL,0x8                # End of line
71 #
72 # Screen defaults and assumptions.
73 #
74                 .set SCR_MAT,0x7                # Mode/attribute
75                 .set SCR_COL,0x50               # Columns per row
76                 .set SCR_ROW,0x19               # Rows per screen
77 #
78 # BIOS Data Area locations.
79 #
80                 .set BDA_MEM,0x413              # Free memory
81                 .set BDA_KEYFLAGS,0x417         # Keyboard shift-state flags
82                 .set BDA_SCR,0x449              # Video mode
83                 .set BDA_POS,0x450              # Cursor position
84                 .set BDA_BOOT,0x472             # Boot howto flag
85 #
86 # Derivations, for brevity.
   # _ESP0H/_ESP1H are stored as single bytes into the TSS by init;
   # _TSSIO, _TSSLM and _IDTLM are distances between the layout
   # addresses defined above.
87 #
88                 .set _ESP0H,MEM_ESP0>>0x8       # Byte 1 of ESP0
89                 .set _ESP1H,MEM_ESP1>>0x8       # Byte 1 of ESP1
90                 .set _TSSIO,MEM_MAP-MEM_TSS     # TSS I/O base
91                 .set _TSSLM,MEM_DIR-MEM_TSS-1   # TSS limit
92                 .set _IDTLM,MEM_TSS-MEM_IDT-1   # IDT limit
93 #
94 # Code segment.
95 #
96                 .globl start
97                 .code16
98 start:                                          # Start of code
99 #
100 # BTX header.
    #
    # 16 bytes of data placed at the very start of the image. Field
    # offsets used elsewhere in this file:
    #   btx_hdr+0x7  flags byte: bit 0x1 = reboot on exit (tested in exit,
    #                set by reboot), bit 0x80 = leave user page zero
    #                not-present (tested in init when PAGING is defined)
    #   btx_hdr+0x8  paging control word (compared against the page
    #                counter in init)
    #   btx_hdr+0xc  entry address, pushed as the user EIP by init
    # The first two bytes, 0xeb 0x0e, also decode as a short jmp with
    # displacement 0xe, so execution entering at start skips the
    # remaining 14 header bytes and lands on init.
    # BTX_FLAGS and the break label are defined outside this view. The
    # entry address is zero here; presumably it is filled in when a
    # client is attached -- confirm against the build tooling.
101 #
102 btx_hdr:        .byte 0xeb                      # Machine ID
103                 .byte 0xe                       # Header size
104                 .ascii "BTX"                    # Magic
105                 .byte 0x1                       # Major version
106                 .byte 0x1                       # Minor version
107                 .byte BTX_FLAGS                 # Flags
108                 .word PAG_CNT-MEM_ORG>>0xc      # Paging control
109                 .word break-start               # Text size
110                 .long 0x0                       # Entry address
111 #
112 # Initialization routine.
    #
    # Runs as 16-bit code (see .code16 above) and, in order:
    #   1. disables interrupts, zeroes SS/ES/DS, points SP at MEM_ESP0
    #      and loads EFLAGS with 0x2, which clears every flag including
    #      DF, so the string instructions below count upward;
    #   2. zero-fills memory from MEM_IDT up to MEM_ORG;
    #   3. builds the IDT from the idtctl control string and fills in
    #      four TSS fields;
    #   4. when PAGING is defined, builds the page directory and tables;
    #   5. reprograms the PICs, loads IDTR and GDTR, sets CR0.PE (and
    #      CR0.PG with PAGING) and far-jumps to 32-bit code at init.8;
    #   6. builds an interrupt-return frame and enters the user task
    #      with iret.
    # idtctl, idtdesc and gdtdesc are defined outside this view.
113 #
114 init:           cli                             # Disable interrupts
115                 xor %ax,%ax                     # Zero/segment
116                 mov %ax,%ss                     # Set up
117                 mov $MEM_ESP0,%sp               #  stack
118                 mov %ax,%es                     # Address
119                 mov %ax,%ds                     #  data
120                 pushl $0x2                      # Clear
121                 popfl                           #  flags
122 #
123 # Initialize memory.
    # The zeroed range covers the IDT, TSS, I/O bit map, page directory
    # and page tables, so any field not written below reads as zero.
124 #
125                 mov $MEM_IDT,%di                # Memory to initialize
126                 mov $(MEM_ORG-MEM_IDT)/2,%cx    # Words to zero
127                 push %di                        # Save
128                 rep                             # Zero-fill
129                 stosw                           #  memory
130                 pop %di                         # Restore
131 #
132 # Create IDT.
    #
    # Each idtctl record is read as: count byte, P:DPL:type byte, 16-bit
    # bitmap word, 16-bit handler offset. For each of count IDT slots
    # one bitmap bit is shifted out: a set bit writes a gate (handler
    # offset at +0, selector SEL_SCODE at +2, P:DPL:type at +5) and
    # advances the handler offset by 4; a clear bit leaves the slot
    # zero. A record with a zero count ends the list.
    # NOTE(review): the fixed step of 4 assumes every handler stub is
    # exactly 4 bytes long -- confirm against the stubs idtctl names.
133 #
134                 mov $idtctl,%si                 # Control string
135 init.1:         lodsb                           # Get entry
136                 cbw                             #  count
137                 xchg %ax,%cx                    #  as word
138                 jcxz init.4                     # If done
139                 lodsb                           # Get segment
140                 xchg %ax,%dx                    #  P:DPL:type
141                 lodsw                           # Get control
142                 xchg %ax,%bx                    #  set
143                 lodsw                           # Get handler offset
144                 mov $SEL_SCODE,%dh              # Segment selector
145 init.2:         shr %bx                         # Handle this int?
146                 jnc init.3                      # No
147                 mov %ax,(%di)                   # Set handler offset
148                 mov %dh,0x2(%di)                #  and selector
149                 mov %dl,0x5(%di)                # Set P:DPL:type
150                 add $0x4,%ax                    # Next handler
151 init.3:         lea 0x8(%di),%di                # Next entry
152                 loop init.2                     # Till set done
153                 jmp init.1                      # Continue
154 #
155 # Initialize TSS.
    #
    # %di is used as the TSS base. NOTE(review): this relies on the
    # idtctl counts having advanced %di from MEM_IDT to exactly MEM_TSS
    # -- confirm against idtctl.
    # Only single bytes are stored; the remaining bytes of each field
    # stay zero from the zero-fill above.
    # NOTE(review): the I/O bit map at MEM_MAP lies inside the zero-filled
    # range and is not written in this routine. A clear bit in that map
    # permits access to the port, so unless code outside this view sets
    # bits, port I/O from user and V86 code is not trapped.
156 #
157 init.4:         movb $_ESP0H,TSS_ESP0+1(%di)    # Set ESP0
158                 movb $SEL_SDATA,TSS_SS0(%di)    # Set SS0
159                 movb $_ESP1H,TSS_ESP1+1(%di)    # Set ESP1
160                 movb $_TSSIO,TSS_MAP(%di)       # Set I/O bit map base
161 ifdef(`PAGING',`
162 #
163 # Create page directory.
    # PAG_CNT>>0xa entries are written; the first points at MEM_TBL with
    # flags 0x7 (U:W:P) and each following entry is PAG_SIZ further on.
    # %cx is zero on arrival here (the IDT loop exits on a zero count).
164 #
165                 xor %edx,%edx                   # Page
166                 mov $PAG_SIZ>>0x8,%dh           #  size
167                 xor %eax,%eax                   # Zero
168                 mov $MEM_DIR,%di                # Page directory
169                 mov $PAG_CNT>>0xa,%cl           # Entries
170                 mov $MEM_TBL|0x7,%ax            # First entry
171 init.5:         stosl                           # Write entry
172                 add %dx,%ax                     # To next
173                 loop init.5                     # Till done
174 #
175 # Create page tables.
    #
    # %cx counts down from PAG_CNT, so the page index is PAG_CNT - %cx,
    # and %eax carries the identity-mapped page address plus flags.
    # GAS gives >> higher precedence than -, so PAG_CNT-X>>0xc below is
    # PAG_CNT - (X>>0xc). Flag selection per page:
    #   - %cx below the word at btx_hdr+0x8: flags stay U:W:P;
    #   - page index 0 or 1 (%cx >= PAG_CNT-1): flags stay U:W:P;
    #   - otherwise W is cleared, so user-mode writes to the page fault;
    #   - the page at MEM_USR additionally loses P when header flag
    #     0x80 is set, so any user access to it faults.
    # NOTE(review): index 1 is the page at MEM_BTX, which per the layout
    # constants holds the supervisor stack, IDT and TSS. It keeps the W
    # flag, so this loop does not write-protect those structures from
    # user mode.
176 #
177                 mov $MEM_TBL,%di                # Page table
178                 mov $PAG_CNT>>0x8,%ch           # Entries
179                 xor %ax,%ax                     # Start address
180 init.6:         mov $0x7,%al                    # Set U:W:P flags
181                 cmp btx_hdr+0x8,%cx             # Standard user page?
182                 jb init.7                       # Yes
183                 cmp $PAG_CNT-MEM_BTX>>0xc,%cx   # BTX memory?
184                 jae init.7                      # No or first page
185                 and $~0x2,%al                   # Clear W flag
186                 cmp $PAG_CNT-MEM_USR>>0xc,%cx   # User page zero?
187                 jne init.7                      # No
188                 testb $0x80,btx_hdr+0x7         # Unmap it?
189                 jz init.7                       # No
190                 and $~0x1,%al                   # Clear P flag
191 init.7:         stosl                           # Set entry
192                 add %edx,%eax                   # Next address
193                 loop init.6                     # Till done
194 ')
195 #
196 # Bring up the system.
    # setpic takes the master ICW2 value in %bl and the slave ICW2 value
    # in %bh, so 0x2820 places the master IRQs at vector 0x20 and the
    # slave IRQs at vector 0x28.
197 #
198                 mov $0x2820,%bx                 # Set protected mode
199                 callw setpic                    #  IRQ offsets
200                 lidt idtdesc                    # Set IDT
201 ifdef(`PAGING',`
202                 xor %eax,%eax                   # Set base
203                 mov $MEM_DIR>>0x8,%ah           #  of page
204                 mov %eax,%cr3                   #  directory
205 ')
206                 lgdt gdtdesc                    # Set GDT
207                 mov %cr0,%eax                   # Switch to protected
208 ifdef(`PAGING',`
209                 or $0x80000001,%eax             #  mode and enable paging
210 ',`
211                 or $0x01,%eax                   #  mode
212 ')
213                 mov %eax,%cr0                   #  
214                 ljmp $SEL_SCODE,$init.8         # To 32-bit code
215                 .code32
216 init.8:         xorl %ecx,%ecx                  # Zero
217                 movb $SEL_SDATA,%cl             # To 32-bit
218                 movw %cx,%ss                    #  stack
219 #
220 # Launch user task.
    #
    # Builds, from the top down, the frame consumed by the pops and the
    # iret at the end: SS = SEL_UDATA, ESP = top of free memory (BDA_MEM
    # is in KB, hence the shift by 10) less 0x1000 of argument space and
    # less MEM_USR, EFLAGS = 0x202 (IF set), CS = SEL_UCODE, EIP = the
    # header entry address; then GS/FS/DS/ES = SEL_UDATA and a popa
    # image with EAX = MEM_USR and the other seven registers zero.
    # The iret loads privilege-level-3 selectors and so drops to user
    # mode.
221 #
222                 movb $SEL_TSS,%cl               # Set task
223                 ltr %cx                         #  register
224                 movl $MEM_USR,%edx              # User base address
225                 movzwl %ss:BDA_MEM,%eax         # Get free memory
226                 shll $0xa,%eax                  # To bytes
227                 subl $0x1000,%eax               # Less arg space
228                 subl %edx,%eax                  # Less base
229                 movb $SEL_UDATA,%cl             # User data selector
230                 pushl %ecx                      # Set SS
231                 pushl %eax                      # Set ESP
232                 push $0x202                     # Set flags (IF set)
233                 push $SEL_UCODE                 # Set CS
234                 pushl btx_hdr+0xc               # Set EIP
235                 pushl %ecx                      # Set GS
236                 pushl %ecx                      # Set FS
237                 pushl %ecx                      # Set DS
238                 pushl %ecx                      # Set ES
239                 pushl %edx                      # Set EAX
240                 movb $0x7,%cl                   # Set remaining
241 init.9:         push $0x0                       #  general
242                 loop init.9                     #  registers
243                 popa                            #  and initialize
244                 popl %es                        # Initialize
245                 popl %ds                        #  user
246                 popl %fs                        #  segment
247                 popl %gs                        #  registers
248                 iret                            # To user mode
249 #
250 # Exit routine.
    #
    # Tears protected mode down and either reboots or halts progress.
    # Does not return. Steps: disable interrupts and reset ESP to
    # MEM_ESP0; with PAGING, clear CR0.PG and load CR3 with zero; jump to
    # the 16-bit code segment SEL_RCODE and load SEL_RDATA into every
    # data segment register; clear CR0.PE; far-jump to segment 0 to
    # reload CS in real-address mode; restore the real-mode PIC vector
    # bases and the IVT; then act on bit 0x1 of the header flags byte.
    # ivtdesc is defined outside this view.
251 #
252 exit:           cli                             # Disable interrupts
253                 movl $MEM_ESP0,%esp             # Clear stack
254 #
255 # Turn off paging.
    # %eax keeps the CR0 value for the switch to real mode further down.
256 #
257                 movl %cr0,%eax                  # Get CR0
258 ifdef(`PAGING',`
259                 andl $~0x80000000,%eax          # Disable
260                 movl %eax,%cr0                  #  paging
261 ')
262                 xorl %ecx,%ecx                  # Zero
263 ifdef(`PAGING',`
264                 movl %ecx,%cr3                  # Flush TLB
265 ')
266 #
267 # To 16 bits.
268 #
269                 ljmpw $SEL_RCODE,$exit.1        # Reload CS
270                 .code16
271 exit.1:         mov $SEL_RDATA,%cl              # 16-bit selector
272                 mov %cx,%ss                     # Reload SS
273                 mov %cx,%ds                     # Load
274                 mov %cx,%es                     #  remaining
275                 mov %cx,%fs                     #  segment
276                 mov %cx,%gs                     #  registers
277 #
278 # To real-address mode.
    # %eax still holds the CR0 value read above, in which PE (bit 0) is
    # set because the CPU is in protected mode; the decrement therefore
    # clears PE and changes no other bit.
279 #
280                 dec %ax                         # Switch to
281                 mov %eax,%cr0                   #  real mode
282                 ljmp $0x0,$exit.2               # Reload CS
283 exit.2:         xor %ax,%ax                     # Real mode segment
284                 mov %ax,%ss                     # Reload SS
285                 mov %ax,%ds                     # Address data
    # 0x7008: master IRQs back at vector 0x08, slave IRQs at 0x70.
286                 mov $0x7008,%bx                 # Set real mode
287                 callw setpic                    #  IRQ offsets
288                 lidt ivtdesc                    # Set IVT
289 #
290 # Reboot or await reset.
    # If header flag bit 0x1 is clear, ZF is set and the jz at exit.3
    # branches to itself forever (interrupts remain enabled). Otherwise
    # 0x1234 is stored at BDA_BOOT and control jumps to 0xffff:0x0.
291 #
292                 sti                             # Enable interrupts
293                 testb $0x1,btx_hdr+0x7          # Reboot?
294 exit.3:         jz exit.3                       # No
295                 movw $0x1234, BDA_BOOT          # Do a warm boot
296                 ljmp $0xffff,$0x0               # reboot the machine
297 #
298 # Set IRQ offsets by reprogramming 8259A PICs.
    #
    # 16-bit routine (reached with callw, returns with retw).
    # In:    %bl = ICW2 (interrupt vector base) for the master PIC
    #        %bh = ICW2 (interrupt vector base) for the slave PIC
    # Out:   nothing
    # Clobb: %ax
    # The interrupt mask registers of both PICs are read before the
    # initialization sequence and written back afterwards, so the set of
    # masked IRQs is the same on return as on entry.
299 #
300 setpic:         in $0x21,%al                    # Save master
301                 push %ax                        #  IMR
302                 in $0xa1,%al                    # Save slave
303                 push %ax                        #  IMR
304                 movb $0x11,%al                  # ICW1 to
305                 outb %al,$0x20                  #  master,
306                 outb %al,$0xa0                  #  slave
307                 movb %bl,%al                    # ICW2 to
308                 outb %al,$0x21                  #  master
309                 movb %bh,%al                    # ICW2 to
310                 outb %al,$0xa1                  #  slave
311                 movb $0x4,%al                   # ICW3 to
312                 outb %al,$0x21                  #  master
313                 movb $0x2,%al                   # ICW3 to
314                 outb %al,$0xa1                  #  slave
315                 movb $0x1,%al                   # ICW4 to
316                 outb %al,$0x21                  #  master,
317                 outb %al,$0xa1                  #  slave
318                 pop %ax                         # Restore slave
319                 outb %al,$0xa1                  #  IMR
320                 pop %ax                         # Restore master
321                 outb %al,$0x21                  #  IMR
322                 retw                            # To caller
323                 .code32
324 #
325 # Initiate return from V86 mode to user mode.
    # A single HLT. The V86 monitor treats a trapped HLT as the return
    # request only when the instruction pointer just past it equals
    # inthlt+0x1 (see v86mon.2); a HLT anywhere else is skipped.
326 #
327 inthlt:         hlt                             # To supervisor mode
328 #
329 # Exception jump table.
    #
    # One stub per exception: push the interrupt number, then jump to
    #   ex_noc  for exceptions where the CPU pushes no error code,
    #   except  for exceptions where the CPU pushes an error code,
    #   ex_v86  for #GP, which may come from V86 mode.
    # init steps from one handler to the next by adding 4 to the offset,
    # so each stub must assemble to 4 bytes (a 2-byte push and a 2-byte
    # short jump). NOTE(review): a stub whose jump no longer reaches its
    # target with a short encoding would silently break that spacing.
    # Vectors 0x2, 0x9 and 0xf have no stub here; presumably the idtctl
    # bitmap skips them -- confirm against idtctl.
330 #
331 intx00:         push $0x0                       # Int 0x0: #DE
332                 jmp ex_noc                      # Divide error
333                 push $0x1                       # Int 0x1: #DB
334                 jmp ex_noc                      # Debug
335                 push $0x3                       # Int 0x3: #BP
336                 jmp ex_noc                      # Breakpoint
337                 push $0x4                       # Int 0x4: #OF
338                 jmp ex_noc                      # Overflow
339                 push $0x5                       # Int 0x5: #BR
340                 jmp ex_noc                      # BOUND range exceeded
341                 push $0x6                       # Int 0x6: #UD
342                 jmp ex_noc                      # Invalid opcode
343                 push $0x7                       # Int 0x7: #NM
344                 jmp ex_noc                      # Device not available
345                 push $0x8                       # Int 0x8: #DF
346                 jmp except                      # Double fault
347                 push $0xa                       # Int 0xa: #TS
348                 jmp except                      # Invalid TSS
349                 push $0xb                       # Int 0xb: #NP
350                 jmp except                      # Segment not present
351                 push $0xc                       # Int 0xc: #SS
352                 jmp except                      # Stack segment fault
353                 push $0xd                       # Int 0xd: #GP
354                 jmp ex_v86                      # General protection
355                 push $0xe                       # Int 0xe: #PF
356                 jmp except                      # Page fault
357 intx10:         push $0x10                      # Int 0x10: #MF
358                 jmp ex_noc                      # Floating-point error
359 #
360 # Handle #GP exception.
    # Stack on entry: int no at (%esp), error code at +0x4, then EIP,
    # CS and EFLAGS at +0x8, +0xc and +0x10. Byte +0x12 is therefore
    # byte 2 of EFLAGS, and its bit 0x2 is the VM flag (EFLAGS bit 17).
    # A #GP raised in V86 mode goes to the monitor for emulation; any
    # other #GP is treated as an ordinary exception.
361 #
362 ex_v86:         testb $0x2,0x12(%esp,1)         # V86 mode?
363                 jz except                       # No
364                 jmp v86mon                      # To monitor
365 #
366 # Save a zero error code.
    # For exceptions without a CPU-supplied error code: the int no is
    # pushed a second time and the older copy is overwritten with zero,
    # giving the same stack shape as an exception with an error code.
    # Falls through into except.
367 #
368 ex_noc:         pushl (%esp,1)                  # Duplicate int no
369                 movb $0x0,0x4(%esp,1)           # Fake error code
370 #
371 # Handle exception.
    #
    # Saves DS, ES and the general registers, then pushes six more
    # dwords (GS, FS, DS, ES, SS, ESP) so that dump sees one frame
    # layout whatever mode was interrupted:
    #   - V86 mode (VM bit at 0x3a(%esp) set): all six are copied from
    #     the frame the CPU pushed;
    #   - user mode: the four segment registers are pushed live, SS and
    #     ESP are copied from the CPU frame;
    #   - supervisor mode (saved CS equals SEL_SCODE): the CPU pushed no
    #     SS:ESP, so the live SS and the pre-exception ESP are pushed.
    # The frame is then formatted with dmpfmt into MEM_BUF and printed.
    # Afterwards: a breakpoint (int no 0x3) returns to the interrupted
    # code with iret; every other exception ends in exit, i.e. BTX
    # terminates. dump, putstr and dmpfmt are defined outside this view.
372 #
373 except:         cld                             # String ops inc
374                 pushl %ds                       # Save
375                 pushl %es                       #  most
376                 pusha                           #  registers
377                 movb $0x6,%al                   # Push loop count
378                 testb $0x2,0x3a(%esp,1)         # V86 mode?
379                 jnz except.1                    # Yes
380                 pushl %gs                       # Set GS
381                 pushl %fs                       # Set FS
382                 pushl %ds                       # Set DS
383                 pushl %es                       # Set ES
384                 movb $0x2,%al                   # Push loop count
385                 cmpw $SEL_SCODE,0x44(%esp,1)    # Supervisor mode?
386                 jne except.1                    # No
387                 pushl %ss                       # Set SS
388                 leal 0x50(%esp,1),%eax          # Set
389                 pushl %eax                      #  ESP
390                 jmp except.2                    # Join common code
    # Each push lowers %esp by 4, so the fixed offset 0x50 walks down
    # through consecutive dwords of the CPU-pushed frame.
391 except.1:       pushl 0x50(%esp,1)              # Set GS, FS, DS, ES
392                 decb %al                        #  (if V86 mode), and
393                 jne except.1                    #  SS, ESP
394 except.2:       push $SEL_SDATA                 # Set up
395                 popl %ds                        #  to
396                 pushl %ds                       #  address
397                 popl %es                        #  data
398                 movl %esp,%ebx                  # Stack frame
399                 movl $dmpfmt,%esi               # Dump format string
400                 movl $MEM_BUF,%edi              # Buffer
401                 pushl %edi                      # Dump to
402                 call dump                       #  buffer
403                 popl %esi                       #  and
404                 call putstr                     #  display
    # 0x18 bytes = the six dwords pushed above.
405                 leal 0x18(%esp,1),%esp          # Discard frame
406                 popa                            # Restore
407                 popl %es                        #  registers
408                 popl %ds                        #  saved
409                 cmpb $0x3,(%esp,1)              # Breakpoint?
410                 je except.3                     # Yes
411                 jmp exit                        # Exit
412 except.3:       leal 0x8(%esp,1),%esp           # Discard err, int no
413                 iret                            # From interrupt
414 #
415 # Return to user mode from V86 mode.
    #
    # Reached from v86mon when the V86 code executes the HLT at inthlt.
    # On entry %ebp addresses the monitor frame (pusha image, int no,
    # error code, then the V86 IP/CS/EFLAGS/SP/SS/ES/DS/FS/GS), %ds is
    # the flat supervisor data segment, and %ecx is 2 or 4, so its upper
    # bytes are zero for the byte loads of %cl used as rep counts below.
    # The routine reads the link stack (pointer kept in the ESP1 slot of
    # the TSS): first an INT_V86 args pointer, then a saved exception
    # frame. If the args pointer is non-zero, the V86 segment registers
    # are copied into the args block in user memory and, when bit 0x4
    # of the byte at -0x6 from the args segment registers is set, the
    # low word of the V86 flags is copied into the saved user flags.
    # The saved exception frame is then moved back onto the supervisor
    # stack and the user registers are restored for the final iret.
    # NOTE(review): the layouts of the link stack entry and of the
    # INT_V86 args block are defined by code outside this view; the
    # offsets below are taken as given.
    # NOTE(review): the args pointer and the user ESP are used as
    # offsets from MEM_USR for the stores below, and no range check on
    # either value is visible in this routine -- confirm that the code
    # which pushes them onto the link stack validates them.
416 #
417 intrtn:         cld                             # String ops inc
418                 pushl %ds                       # Address
419                 popl %es                        #  data
420                 leal 0x3c(%ebp),%edx            # V86 Segment registers
421                 movl MEM_TSS+TSS_ESP1,%esi      # Link stack pointer
422                 lodsl                           # INT_V86 args pointer
423                 movl %esi,%ebx                  # Saved exception frame
424                 testl %eax,%eax                 # INT_V86 args?
425                 jz intrtn.2                     # No
426                 movl $MEM_USR,%edi              # User base
427                 movl 0x1c(%esi),%ebx            # User ESP
428                 movl %eax,(%edi,%ebx,1)         # Restore to user stack
429                 leal 0x8(%edi,%eax,1),%edi      # Arg segment registers
430                 testb $0x4,-0x6(%edi)           # Return flags?
431                 jz intrtn.1                     # No
432                 movl 0x30(%ebp),%eax            # Get V86 flags
433                 movw %ax,0x18(%esi)             # Set user flags
434 intrtn.1:       leal 0x10(%esi),%ebx            # Saved exception frame
435                 xchgl %edx,%esi                 # Segment registers
436                 movb $0x4,%cl                   # Update seg regs
437                 rep                             #  in INT_V86
438                 movsl                           #  args
439 intrtn.2:       movl %edx,%esi                  # Segment registers
440                 leal 0x28(%ebp),%edi            # Set up seg
441                 movb $0x4,%cl                   #  regs for
442                 rep                             #  later
443                 movsl                           #  pop
444                 movl %ebx,%esi                  # Restore exception
445                 movb $0x5,%cl                   #  frame to
446                 rep                             #  supervisor
447                 movsl                           #  stack
448                 movl %esi,MEM_TSS+TSS_ESP1      # Link stack pointer
449                 popa                            # Restore
450                 leal 0x8(%esp,1),%esp           # Discard err, int no
451                 popl %es                        # Restore
452                 popl %ds                        #  user
453                 popl %fs                        #  segment
454                 popl %gs                        #  registers
455                 iret                            # To user mode
456 #
457 # V86 monitor.
    #
    # Reached from ex_v86 when a #GP is raised in V86 mode. Decodes the
    # faulting instruction from V86 memory and emulates it in supervisor
    # mode, then resumes the V86 code after it.
    #
    # Frame relative to %ebp after the pusha (offsets used by the
    # monitor and its helpers):
    #   0x00-0x1c  EDI ESI EBP ESP EBX EDX ECX EAX (pusha image)
    #   0x20 int no      0x24 error code
    #   0x28 V86 IP      0x2c V86 CS      0x30 V86 EFLAGS
    #   0x34 V86 SP      0x38 V86 SS      0x3c.. V86 ES, DS, FS, GS
    # Register roles while decoding:
    #   %edi = V86 CS << 4 (code segment base)
    #   %esi = linear pointer to the next instruction byte
    #   %ecx = operand size in bytes: 2, or 4 after a 0x66 prefix
    #   %ebx = linear V86 stack pointer, %edx = V86 flags (set up at
    #          v86mon.4 for the stack-using instructions; the SS base
    #          is left on the supervisor stack for v86mon.6)
    # Emulated: HLT, WBINVD, WRMSR, RDMSR, MOV EAX,CR0, CLI, STI,
    # PUSHF, POPF, INT imm8 and IRET. Anything else is handed to except,
    # which dumps the state and terminates BTX.
    # Exit paths: v86mon.5 stores the flags, v86mon.6 stores the stack
    # pointer, v86mon.7 stores the instruction pointer and irets.
    # NOTE(review): the instruction bytes are read from memory the V86
    # client controls; the privileged helpers reached from here act on
    # client register values without further checks.
458 #
459 v86mon:         cld                             # String ops inc
460                 pushl $SEL_SDATA                # Set up for
461                 popl %ds                        #  flat addressing
462                 pusha                           # Save registers
463                 movl %esp,%ebp                  # Address stack frame
464                 movzwl 0x2c(%ebp),%edi          # Load V86 CS
465                 shll $0x4,%edi                  # To linear
466                 movl 0x28(%ebp),%esi            # Load V86 IP
467                 addl %edi,%esi                  # Code pointer
468                 xorl %ecx,%ecx                  # Zero
469                 movb $0x2,%cl                   # 16-bit operands
470                 xorl %eax,%eax                  # Zero
471 v86mon.1:       lodsb                           # Get opcode
472                 cmpb $0x66,%al                  # Operand size prefix?
473                 jne v86mon.2                    # No
474                 movb $0x4,%cl                   # 32-bit operands
475                 jmp v86mon.1                    # Continue
476 v86mon.2:       cmpb $0xf4,%al                  # HLT?
477                 jne v86mon.3                    # No
    # %esi already points past the HLT, hence the +0x1.
478                 cmpl $inthlt+0x1,%esi           # Is inthlt?
479                 jne v86mon.7                    # No (ignore)
480                 jmp intrtn                      # Return to user mode
481 v86mon.3:       cmpb $0xf,%al                   # Prefixed instruction?
482                 jne v86mon.4                    # No
483                 cmpb $0x09,(%esi)               # Is it a WBINVD?
484                 je v86wbinvd                    # Yes
485                 cmpb $0x30,(%esi)               # Is it a WRMSR?
486                 je v86wrmsr                     # Yes
487                 cmpb $0x32,(%esi)               # Is it a RDMSR?
488                 je v86rdmsr                     # Yes
489                 cmpb $0x20,(%esi)               # Is this a
490                 jne v86mon.4                    #  MOV EAX,CR0
491                 cmpb $0xc0,0x1(%esi)            #  instruction?
492                 je v86mov                       # Yes
493 v86mon.4:       cmpb $0xfa,%al                  # CLI?
494                 je v86cli                       # Yes
495                 cmpb $0xfb,%al                  # STI?
496                 je v86sti                       # Yes
497                 movzwl 0x38(%ebp),%ebx          # Load V86 SS
498                 shll $0x4,%ebx                  # To offset
499                 pushl %ebx                      # Save
500                 addl 0x34(%ebp),%ebx            # Add V86 SP
501                 movl 0x30(%ebp),%edx            # Load V86 flags
502                 cmpb $0x9c,%al                  # PUSHF/PUSHFD?
503                 je v86pushf                     # Yes
504                 cmpb $0x9d,%al                  # POPF/POPFD?
505                 je v86popf                      # Yes
506                 cmpb $0xcd,%al                  # INT imm8?
507                 je v86intn                      # Yes
508                 cmpb $0xcf,%al                  # IRET/IRETD?
509                 je v86iret                      # Yes
510                 popl %ebx                       # Restore
511                 popa                            # Restore
512                 jmp except                      # Handle exception
513 v86mon.5:       movl %edx,0x30(%ebp)            # Save V86 flags
514 v86mon.6:       popl %edx                       # V86 SS adjustment
515                 subl %edx,%ebx                  # Save V86
516                 movl %ebx,0x34(%ebp)            #  SP
517 v86mon.7:       subl %edi,%esi                  # From linear
518                 movl %esi,0x28(%ebp)            # Save V86 IP
519                 popa                            # Restore
520                 leal 0x8(%esp,1),%esp           # Discard int no, error
521                 iret                            # To V86 mode
522 #
523 # Emulate MOV EAX,CR0.
    # Stores the real CR0 into the EAX slot of the pusha image
    # (0x1c(%ebp)), so the V86 code sees it in %eax after the iret.
    # The instruction is three bytes (0x0f 0x20 0xc0): %esi already
    # points past the 0x0f, this routine skips one byte and the
    # fall-through into v86preret skips the other.
524 #
525 v86mov:         movl %cr0,%eax                  # CR0 to
526                 movl %eax,0x1c(%ebp)            #  saved EAX
527                 incl %esi                       # Adjust IP
528 #
529 # Return from emulating a 0x0f prefixed instruction
    # Skips the second opcode byte, then leaves through v86mon.7.
530 #
531 v86preret:      incl %esi                       # Adjust IP
532                 jmp v86mon.7                    # Finish up
533 #
534 # Emulate WBINVD
    # Executes the instruction in supervisor mode on behalf of the V86
    # code; it takes no operands, so no client register is consulted.
535 #
536 v86wbinvd:      wbinvd                          # Write back and invalidate
537                                                 #  cache
538                 jmp v86preret                   # Finish up
539 #
540 # Emulate WRMSR
    # Reloads ECX, EDX and EAX from the pusha image of the V86 client
    # (0x18, 0x14 and 0x1c from %ebp) and executes WRMSR in supervisor
    # mode.
    # NOTE(review): the MSR index and the 64-bit value come straight
    # from the client registers; nothing in this routine restricts which
    # MSR is written or what is written to it. A WRMSR that faults is
    # raised in supervisor mode and handled by the exception path.
541 #
542 v86wrmsr:       movl 0x18(%ebp),%ecx            # Get user's %ecx (MSR to write)
543                 movl 0x14(%ebp),%edx            # Load the value
544                 movl 0x1c(%ebp),%eax            #  to write
545                 wrmsr                           # Write MSR
546                 jmp v86preret                   # Finish up
547 #
548 # Emulate RDMSR
    # Reads the MSR whose index is in the ECX slot of the pusha image
    # (0x18(%ebp)) and stores the result into the EAX and EDX slots
    # (0x1c and 0x14), so the V86 code sees it after the iret.
    # NOTE(review): the MSR index is taken from the client register
    # without any filtering in this routine.
549 #
550 v86rdmsr:       movl 0x18(%ebp),%ecx            # MSR to read
551                 rdmsr                           # Read the MSR
552                 movl %eax,0x1c(%ebp)            # Return the value of
553                 movl %edx,0x14(%ebp)            #  the MSR to the user
554                 jmp v86preret                   # Finish up
555 #
556 # Emulate CLI.
    # 0x31(%ebp) is the second byte of the saved V86 EFLAGS at
    # 0x30(%ebp); bit 0x2 of that byte is IF (EFLAGS bit 9). The change
    # takes effect when the iret at v86mon.7 reloads the flags.
557 #
558 v86cli:         andb $~0x2,0x31(%ebp)           # Clear IF
559                 jmp v86mon.7                    # Finish up
560 #
561 # Emulate STI.
    # 0x31(%ebp) is the second byte of the saved V86 EFLAGS at
    # 0x30(%ebp); bit 0x2 of that byte is IF (EFLAGS bit 9). The change
    # takes effect when the iret at v86mon.7 reloads the flags.
562 #
563 v86sti:         orb $0x2,0x31(%ebp)             # Set IF
564                 jmp v86mon.7                    # Finish up
565 #
566 # Emulate PUSHF/PUSHFD.
    # In: %ebx = linear V86 stack pointer, %ecx = operand size (2 or 4),
    #     %edx = V86 flags.
    # Lowers the stack pointer by the operand size and stores the flags
    # there. For the 16-bit form the data16 prefix is emitted in front
    # of the movl, turning it into a 16-bit store; the 32-bit form
    # jumps over the prefix. Leaves through v86mon.6, which records the
    # new V86 SP; the flags themselves are unchanged.
567 #
568 v86pushf:       subl %ecx,%ebx                  # Adjust SP
569                 cmpb $0x4,%cl                   # 32-bit
570                 je v86pushf.1                   # Yes
571                 data16                          # 16-bit
572 v86pushf.1:     movl %edx,(%ebx)                # Save flags
573                 jmp v86mon.6                    # Finish up
574 #
575 # Emulate IRET/IRETD.
    # Pops IP and CS from the V86 stack, then falls through into
    # v86popf to pop the flags. %edi is zeroed so that the subtraction
    # at v86mon.7 stores the popped IP unchanged.
    # NOTE(review): IP and CS are always read as 16-bit words at
    # offsets 0 and 2 and the stack pointer advances by 4, whatever the
    # operand size in %ecx; only the flags load below honours a 0x66
    # prefix.
576 #
577 v86iret:        movzwl (%ebx),%esi              # Load V86 IP
578                 movzwl 0x2(%ebx),%edi           # Load V86 CS
579                 leal 0x4(%ebx),%ebx             # Adjust SP
580                 movl %edi,0x2c(%ebp)            # Save V86 CS
581                 xorl %edi,%edi                  # No ESI adjustment
582 #
583 # Emulate POPF/POPFD (and remainder of IRET/IRETD).
    # In: %ebx = linear V86 stack pointer, %ecx = operand size (2 or 4),
    #     %edx = current V86 flags.
    # For the 16-bit form %eax is first set to the current flags and
    # the data16 prefix makes the load replace only its low word.
    # The loaded value is then filtered: only bits inside V86_FLG are
    # taken from the stack image, every other bit keeps its current
    # value. This is what stops V86 code from changing IOPL, VM, NT or
    # TF through POPF or IRET. Leaves through v86mon.5, which stores
    # the merged flags and the new stack pointer.
584 #
585 v86popf:        cmpb $0x4,%cl                   # 32-bit?
586                 je v86popf.1                    # Yes
587                 movl %edx,%eax                  # Initialize
588                 data16                          # 16-bit
589 v86popf.1:      movl (%ebx),%eax                # Load flags
590                 addl %ecx,%ebx                  # Adjust SP
591                 andl $V86_FLG,%eax              # Merge
592                 andl $~V86_FLG,%edx             #  the
593                 orl %eax,%edx                   #  flags
594                 jmp v86mon.5                    # Finish up
595 #
596 # trap int 15, function 87
597 # reads %es:%si from saved registers on stack to find a GDT containing
598 # source and destination locations
599 # reads count of words from saved %cx
600 # returns success by setting %ah to 0
    #
    # In:  %ebp = monitor frame (see v86mon); %ebx, %edx, %esi and %edi
    #      hold monitor state and are preserved (%edx has its low bit
    #      cleared at the end).
    # The client table is located at (ES << 4) + SI. From it the
    # routine assembles two 32-bit linear addresses:
    #   source:      word at +0x12, byte at +0x14, byte at +0x17
    #   destination: word at +0x1a, byte at +0x1c, byte at +0x1f
    # and copies (saved CX * 2) bytes with a flat %es.
    # On completion the AH byte of the saved EAX (0x1d(%ebp)) is zeroed,
    # CF is cleared in the V86 flags held in %edx, and control leaves
    # through v86mon.5.
    # NOTE(review): source, destination and length all come from memory
    # and registers the V86 client controls and are not range-checked
    # here, so the copy can read or write any linear address, including
    # the memory BTX itself occupies.
    # NOTE(review): the ES slot is loaded with a 32-bit movl, whereas
    # v86mon uses movzwl for the CS and SS slots; this assumes the upper
    # half of the saved ES dword is zero -- confirm.
601 #
602 int15_87:       pushl %eax                      # Save 
603                 pushl %ebx                      #  some information 
604                 pushl %esi                      #  onto the stack.
605                 pushl %edi
606                 xorl %eax,%eax                  # clean EAX 
607                 xorl %ebx,%ebx                  # clean EBX 
608                 movl 0x4(%ebp),%esi             # Get user's ESI
609                 movl 0x3C(%ebp),%ebx            # store ES
610                 movw %si,%ax                    # store SI
611                 shll $0x4,%ebx                  # Make it a seg.
612                 addl %eax,%ebx                  # ebx=(es<<4)+si
613                 movb 0x14(%ebx),%al             # Grab the
614                 movb 0x17(%ebx),%ah             #  necessary
615                 shll $0x10,%eax                 #  information
616                 movw 0x12(%ebx),%ax             #  from
617                 movl %eax,%esi                  #  the
618                 movb 0x1c(%ebx),%al             #  GDT in order to
619                 movb 0x1f(%ebx),%ah             #  have %esi offset
620                 shll $0x10,%eax                 #  of source and %edi
621                 movw 0x1a(%ebx),%ax             #  of destination.
622                 movl %eax,%edi
623                 pushl %ds                       # Make:
624                 popl %es                        # es = ds
625                 pushl %ecx                      # stash ECX
626                 xorl %ecx,%ecx                  # highw of ECX is clear
627                 movw 0x18(%ebp),%cx             # Get user's ECX
628                 shll $0x1,%ecx                  # Convert from num words to num
629                                                 #  bytes
630                 rep                             # repeat...
631                 movsb                           #  perform copy.
632                 popl %ecx                       # Restore
633                 popl %edi
634                 popl %esi                       #  previous
635                 popl %ebx                       #  register
636                 popl %eax                       #  values.
637                 movb $0x0,0x1d(%ebp)            # set ah = 0 to indicate
638                                                 #  success
639                 andb $0xfe,%dl                  # clear CF
640                 jmp v86mon.5                    # Finish up
641
642 #
643 # Reboot the machine by setting the reboot flag and exiting
644 #
# Sets bit 0 of the byte at btx_hdr+0x7 and leaves through exit. Both the
# header layout and exit are defined outside this excerpt.
# Reached from v86intn for INT 0x19 and for the Ctrl+Alt+Del key callout.
645 reboot:         orb $0x1,btx_hdr+0x7            # Set the reboot flag
646                 jmp exit                        # Terminate BTX and reboot
647
648 #
649 # Emulate INT imm8... also make sure to check if it's int 15/87
650 #
# Fetches the interrupt number from the V86 instruction stream (lodsb) and
# filters three cases before reflecting the interrupt into V86 mode:
#   INT 0x19                               -> reboot
#   INT 0x15 with saved AH = 0x87          -> int15_87
#   INT 0x15 with saved AX = 0x4f53 while
#     Ctrl and Alt are both down           -> reboot
# Saved EAX is read from 0x1c(%ebp). The EAX pushed at the start of the
# INT 0x15 checks is popped again on every path out of them.
# From v86intn.3 on: the return IP, CS and flags (6 bytes) are pushed on the
# V86 stack at %ebx, and the new CS:IP is loaded from the 4-byte vector at
# linear address intno * 4.
# NOTE(review): the shll assumes the upper 24 bits of %eax are zero on
# entry, and %ebx is lowered by 6 with no wrap check - confirm both against
# the monitor code outside this excerpt.
651 v86intn:        lodsb                           # Get int no
652                 cmpb $0x19,%al                  # is it int 19?
653                 je reboot                       #  yes, reboot the machine
654                 cmpb $0x15,%al                  # is it int 15?
655                 jne v86intn.3                   #  no, skip parse
656                 pushl %eax                      # stash EAX
657                 movl 0x1c(%ebp),%eax            # user's saved EAX
658                 cmpb $0x87,%ah                  # is it the memcpy subfunction?
659                 jne v86intn.1                   #  no, keep checking
660                 popl %eax                       # get the stack straight
661                 jmp int15_87                    # it's our cue
662 v86intn.1:      cmpw $0x4f53,%ax                # is it the delete key callout?
663                 jne v86intn.2                   #  no, handle the int normally
664                 movb BDA_KEYFLAGS,%al           # get the shift key state
665                 andb $0xc,%al                   # mask off just Ctrl and Alt
666                 cmpb $0xc,%al                   # are both Ctrl and Alt down?
667                 jne v86intn.2                   #  no, handle the int normally
668                 popl %eax                       # restore EAX
669                 jmp reboot                      # reboot the machine
670 v86intn.2:      popl %eax                       # restore EAX
671 v86intn.3:      subl %edi,%esi                  # From
672                 shrl $0x4,%edi                  #  linear
673                 movw %dx,-0x2(%ebx)             # Save flags
674                 movw %di,-0x4(%ebx)             # Save CS
675                 leal -0x6(%ebx),%ebx            # Adjust SP
676                 movw %si,(%ebx)                 # Save IP
677                 shll $0x2,%eax                  # Scale int no to vector address
678                 movzwl (%eax),%esi              # Load IP
679                 movzwl 0x2(%eax),%edi           # Load CS
680                 movl %edi,0x2c(%ebp)            # Save CS
681                 xorl %edi,%edi                  # No ESI adjustment
682                 andb $~0x1,%dh                  # Clear TF (flags bit 8)
683                 jmp v86mon.5                    # Finish up
684 #
685 # Hardware interrupt jump table.
686 #
# Sixteen entries, one per IRQ. Each pushes the real-mode vector number the
# IRQ maps to (0x8-0xf for IRQ0-7, 0x70-0x77 for IRQ8-15) and jumps to
# int_hw. Only the first entry carries a label; idtctl names intx20 as the
# handler base for vectors 0x20-0x2f.
# NOTE(review): the IDT builder (outside this excerpt) must step through
# these entries at a fixed stride, so every entry has to assemble to the
# same size - confirm before changing any push or jmp here.
687 intx20:         push $0x8                       # Int 0x20: IRQ0
688                 jmp int_hw                      # V86 int 0x8
689                 push $0x9                       # Int 0x21: IRQ1
690                 jmp int_hw                      # V86 int 0x9
691                 push $0xa                       # Int 0x22: IRQ2
692                 jmp int_hw                      # V86 int 0xa
693                 push $0xb                       # Int 0x23: IRQ3
694                 jmp int_hw                      # V86 int 0xb
695                 push $0xc                       # Int 0x24: IRQ4
696                 jmp int_hw                      # V86 int 0xc
697                 push $0xd                       # Int 0x25: IRQ5
698                 jmp int_hw                      # V86 int 0xd
699                 push $0xe                       # Int 0x26: IRQ6
700                 jmp int_hw                      # V86 int 0xe
701                 push $0xf                       # Int 0x27: IRQ7
702                 jmp int_hw                      # V86 int 0xf
703                 push $0x70                      # Int 0x28: IRQ8
704                 jmp int_hw                      # V86 int 0x70
705                 push $0x71                      # Int 0x29: IRQ9
706                 jmp int_hw                      # V86 int 0x71
707                 push $0x72                      # Int 0x2a: IRQ10
708                 jmp int_hw                      # V86 int 0x72
709                 push $0x73                      # Int 0x2b: IRQ11
710                 jmp int_hw                      # V86 int 0x73
711                 push $0x74                      # Int 0x2c: IRQ12
712                 jmp int_hw                      # V86 int 0x74
713                 push $0x75                      # Int 0x2d: IRQ13
714                 jmp int_hw                      # V86 int 0x75
715                 push $0x76                      # Int 0x2e: IRQ14
716                 jmp int_hw                      # V86 int 0x76
717                 push $0x77                      # Int 0x2f: IRQ15
718                 jmp int_hw                      # V86 int 0x77
719 #
720 # Reflect hardware interrupts.
721 #
# Entry stack: the vector number pushed by the intx20 table, then the
# interrupt frame. Byte 0xe(%esp) is byte 2 of the saved EFLAGS, so bit 1
# there is EFLAGS bit 17 (VM).
# If the interrupt did not arrive from V86 mode, control goes to intusr.
# Otherwise the interrupted V86 CS:IP and flags (6 bytes) are pushed onto the
# V86 stack, the frame's CS:IP is replaced with the real-mode vector read
# from linear address intno * 4, IF and TF are cleared in the saved flags,
# and iret resumes V86 mode inside the real-mode handler.
# Frame offsets after the %ebp setup: 0x8 = IP, 0xc = CS, 0x10 = EFLAGS,
# 0x14 = ESP, 0x18 = SS.
# NOTE(review): the saved V86 ESP is lowered by 6 as a 32-bit value with no
# underflow check - confirm this is acceptable for the expected V86 stacks.
722 int_hw:         testb $0x2,0xe(%esp,1)          # V86 mode?
723                 jz intusr                       # No
724                 pushl $SEL_SDATA                # Address
725                 popl %ds                        #  data
726                 xchgl %eax,(%esp,1)             # Swap EAX, int no
727                 pushl %ebp                      # Address
728                 movl %esp,%ebp                  #  stack frame
729                 pushl %ebx                      # Save
730                 shll $0x2,%eax                  # Get int
731                 movl (%eax),%eax                #  vector
732                 subl $0x6,0x14(%ebp)            # Adjust V86 ESP
733                 movzwl 0x18(%ebp),%ebx          # V86 SS
734                 shll $0x4,%ebx                  #  * 0x10
735                 addl 0x14(%ebp),%ebx            #  + V86 ESP
736                 xchgw %ax,0x8(%ebp)             # Swap V86 IP
737                 rorl $0x10,%eax                 # Swap words
738                 xchgw %ax,0xc(%ebp)             # Swap V86 CS
739                 roll $0x10,%eax                 # Swap words
740                 movl %eax,(%ebx)                # CS:IP for IRET
741                 movl 0x10(%ebp),%eax            # V86 flags
742                 movw %ax,0x4(%ebx)              # Flags for IRET
743                 andb $~0x3,0x11(%ebp)           # Clear IF, TF
744                 popl %ebx                       # Restore
745                 popl %ebp                       #  saved
746                 popl %eax                       #  registers
747                 iret                            # To V86 mode
748 #
749 # Invoke V86 interrupt from user mode, with arguments.
750 #
# Sets CF so that intusr takes the btx_v86 path, pushes EAX to fill the stack
# slot where the hardware path carries an interrupt number, then falls
# through into intusr. idtctl installs this gate with type byte 0xee (DPL 3).
751 intx31:         stc                             # Have btx_v86
752                 pushl %eax                      # Missing int no
753 #
754 # Invoke V86 interrupt from user mode.
755 #
# Builds a V86 exception frame and irets into V86 mode. Reached by
# fall-through from intx31 (CF set: a btx_v86 structure is supplied) and by
# jump from int_hw when the interrupt did not come from V86 mode. std and
# the pushes/moves ahead of the jc leave CF untouched.
# Steps, as coded below:
#   1. save the general and segment registers on the current stack;
#   2. copy the 5-dword exception frame (and, with btx_v86, 4 saved segment
#      registers) to the link stack at MEM_TSS+TSS_ESP1, then push the
#      btx_v86 pointer there and store the new link stack pointer;
#   3. push the flags (unless control bit 1, "simulate CALLF") and the
#      return address inthlt on the V86 stack;
#   4. fill in the V86 frame: segment registers, SS:ESP, EFLAGS with VM set
#      and TF cleared, and CS:EIP taken from the interrupt vector or, with
#      control bit 0, from the address held in btx_v86.
# NOTE(review): the btx_v86 pointer is read from the caller's stack and only
# rebased by MEM_USR; its fields at 0x2, 0x4 and 0x14 are used without
# validation, and the link stack pointer is lowered with no limit check in
# view. The int 0x31 gate is DPL 3, so this path assumes a trusted client -
# confirm against the rest of BTX.
756 intusr:         std                             # String ops dec
757                 pushl %eax                      # Expand
758                 pushl %eax                      #  stack
759                 pushl %eax                      #  frame
760                 pusha                           # Save
761                 pushl %gs                       # Save
762                 movl %esp,%eax                  #  seg regs
763                 pushl %fs                       #  and
764                 pushl %ds                       #  point
765                 pushl %es                       #  to them
766                 push $SEL_SDATA                 # Set up
767                 popl %ds                        #  to
768                 pushl %ds                       #  address
769                 popl %es                        #  data
770                 movl $MEM_USR,%ebx              # User base
771                 movl %ebx,%edx                  #  address
772                 jc intusr.1                     # If btx_v86
773                 xorl %edx,%edx                  # Control flags
774                 xorl %ebp,%ebp                  # btx_v86 pointer
775 intusr.1:       leal 0x50(%esp,1),%esi          # Base of frame
776                 pushl %esi                      # Save
777                 addl -0x4(%esi),%ebx            # User ESP
778                 movl MEM_TSS+TSS_ESP1,%edi      # Link stack pointer
779                 leal -0x4(%edi),%edi            # Adjust for push
780                 xorl %ecx,%ecx                  # Zero
781                 movb $0x5,%cl                   # Push exception
782                 rep                             #  frame on
783                 movsl                           #  link stack
784                 xchgl %eax,%esi                 # Saved seg regs
785                 movl 0x40(%esp,1),%eax          # Get int no
786                 testl %edx,%edx                 # Have btx_v86?
787                 jz intusr.2                     # No
788                 movl (%ebx),%ebp                # btx_v86 pointer
789                 movb $0x4,%cl                   # Count
790                 addl %ecx,%ebx                  # Adjust for pop
791                 rep                             # Push saved seg regs
792                 movsl                           #  on link stack
793                 addl %ebp,%edx                  # Flatten btx_v86 ptr
794                 leal 0x14(%edx),%esi            # Seg regs pointer
795                 movl 0x4(%edx),%eax             # Get int no/address
796                 movzwl 0x2(%edx),%edx           # Get control flags
797 intusr.2:       movl %ebp,(%edi)                # Push btx_v86 and
798                 movl %edi,MEM_TSS+TSS_ESP1      #  save link stack ptr
799                 popl %edi                       # Base of frame
800                 xchgl %eax,%ebp                 # Save intno/address
801                 movl 0x48(%esp,1),%eax          # Get flags
802                 testb $0x2,%dl                  # Simulate CALLF?
803                 jnz intusr.3                    # Yes
804                 decl %ebx                       # Push flags
805                 decl %ebx                       #  on V86
806                 movw %ax,(%ebx)                 #  stack
807 intusr.3:       movb $0x4,%cl                   # Count
808                 subl %ecx,%ebx                  # Push return address
809                 movl $inthlt,(%ebx)             #  on V86 stack
810                 rep                             # Copy seg regs to
811                 movsl                           #  exception frame
812                 xchgl %eax,%ecx                 # Save flags
813                 movl %ebx,%eax                  # User ESP
814                 subl $V86_STK,%eax              # Less bytes
815                 ja intusr.4                     #  to
816                 xorl %eax,%eax                  #  keep (clamp at 0)
817 intusr.4:       shrl $0x4,%eax                  # Gives segment
818                 stosl                           # Set SS
819                 shll $0x4,%eax                  # To bytes
820                 xchgl %eax,%ebx                 # Swap
821                 subl %ebx,%eax                  # Gives offset
822                 stosl                           # Set ESP
823                 xchgl %eax,%ecx                 # Get flags
824                 btsl $0x11,%eax                 # Set VM
825                 andb $~0x1,%ah                  # Clear TF
826                 stosl                           # Set EFL
827                 xchgl %eax,%ebp                 # Get int no/address
828                 testb $0x1,%dl                  # Address?
829                 jnz intusr.5                    # Yes
830                 shll $0x2,%eax                  # Scale
831                 movl (%eax),%eax                # Load int vector
832 intusr.5:       movl %eax,%ecx                  # Save
833                 shrl $0x10,%eax                 # Gives segment
834                 stosl                           # Set CS
835                 movw %cx,%ax                    # Restore
836                 stosl                           # Set EIP
837                 leal 0x10(%esp,1),%esp          # Discard seg regs
838                 popa                            # Restore
839                 iret                            # To V86 mode
840 #
841 # System Call.
842 #
# Only SYS_EXEC is acted on here. The handler loads %es/%ds/%fs/%gs from
# %ss, moves %esp onto the caller's stack (MEM_USR + the value at
# 0xc(%esp), + 4), turns paging off when built with PAGING, then pops an
# entry address from that stack and calls it. Any other system-call number,
# or a return from the called program, reaches intx30.1, which increments
# the flag byte at btx_hdr+0x7 and leaves through exit.
# NOTE(review): the entry address is read from client-controlled memory and
# reached with a near call, so the code segment stays the handler's own, and
# every data segment is set to the handler's %ss selector (presumably
# SEL_SDATA - confirm). idtctl gives the int 0x30 gate type byte 0xee
# (DPL 3), so any user-mode code can request this. That is the intended
# hand-off for a boot loader, but SYS_EXEC gives the target full control of
# the machine.
843 intx30:         cmpl $SYS_EXEC,%eax             # Exec system call?
844                 jne intx30.1                    # No
845                 pushl %ss                       # Set up
846                 popl %es                        #  all
847                 pushl %es                       #  segment
848                 popl %ds                        #  registers
849                 pushl %ds                       #  for the
850                 popl %fs                        #  program
851                 pushl %fs                       #  we're
852                 popl %gs                        #  invoking
853                 movl $MEM_USR,%eax              # User base address
854                 addl 0xc(%esp,1),%eax           # Change to user
855                 leal 0x4(%eax),%esp             #  stack
856 ifdef(`PAGING',`
857                 movl %cr0,%eax                  # Turn
858                 andl $~0x80000000,%eax          #  off
859                 movl %eax,%cr0                  #  paging
860                 xorl %eax,%eax                  # Flush
861                 movl %eax,%cr3                  #  TLB
862 ')
863                 popl %eax                       # Call
864                 call *%eax                      #  program
865 intx30.1:       incb %ss:btx_hdr+0x7            # Flag reboot
866                 jmp exit                        # Exit
867 #
868 # Dump structure [EBX] to [EDI], using format string [ESI].
869 #
# Entry point is dump; dump.0 is the "store AL and continue" loop head.
# Format string grammar as implemented below: a byte with bit 7 clear is
# copied to the output unchanged, and 0 ends the string (the 0 is stored
# too). A byte with bit 7 set is a control byte; "=" is emitted and the next
# byte is an offset, sign-extended and added to %ebx to locate the field.
# Control bits: DMP_X16 = hex word, DMP_X32 = hex long, DMP_MEM = 16 bytes of
# memory at the far pointer stored in the field, DMP_EOL = finish the item
# with a line feed instead of two spaces.
# For DMP_MEM the field is used as selector:offset only when bit 1 at
# 0x52(%ebx) is clear (not V86) and verr reports the selector readable;
# otherwise it is flattened as segment * 16 + offset.
# NOTE(review): nothing here bounds the writes through %edi; the caller must
# provide a buffer large enough for the fully expanded string.
# Modifies %eax, %ecx, %edx, %esi and %edi; %ds is saved and restored around
# the memory dump.
870 dump.0:         stosb                           # Save char
871 dump:           lodsb                           # Load char
872                 testb %al,%al                   # End of string?
873                 jz dump.10                      # Yes
874                 testb $0x80,%al                 # Control?
875                 jz dump.0                       # No
876                 movb %al,%ch                    # Save control
877                 movb $'=',%al                   # Append
878                 stosb                           #  '='
879                 lodsb                           # Get offset
880                 pushl %esi                      # Save
881                 movsbl %al,%esi                 # To
882                 addl %ebx,%esi                  #  pointer
883                 testb $DMP_X16,%ch              # Dump word?
884                 jz dump.1                       # No
885                 lodsw                           # Get and
886                 call hex16                      #  dump it
887 dump.1:         testb $DMP_X32,%ch              # Dump long?
888                 jz dump.2                       # No
889                 lodsl                           # Get and
890                 call hex32                      #  dump it
891 dump.2:         testb $DMP_MEM,%ch              # Dump memory?
892                 jz dump.8                       # No
893                 pushl %ds                       # Save
894                 testb $0x2,0x52(%ebx)           # V86 mode?
895                 jnz dump.3                      # Yes
896                 verr 0x4(%esi)                  # Readable selector?
897                 jnz dump.3                      # No
898                 ldsl (%esi),%esi                # Load pointer
899                 jmp dump.4                      # Join common code
900 dump.3:         lodsl                           # Set offset
901                 xchgl %eax,%edx                 # Save
902                 lodsl                           # Get segment
903                 shll $0x4,%eax                  #  * 0x10
904                 addl %edx,%eax                  #  + offset
905                 xchgl %eax,%esi                 # Set pointer
906 dump.4:         movb $0x10,%cl                  # Bytes to dump
907 dump.5:         lodsb                           # Get byte and
908                 call hex8                       #  dump it
909                 decb %cl                        # Keep count
910                 jz dump.7                       # If done
911                 movb $'-',%al                   # Separator
912                 cmpb $0x8,%cl                   # Half way?
913                 je dump.6                       # Yes
914                 movb $' ',%al                   # Use space
915 dump.6:         stosb                           # Save separator
916                 jmp dump.5                      # Continue
917 dump.7:         popl %ds                        # Restore
918 dump.8:         popl %esi                       # Restore
919                 movb $0xa,%al                   # Line feed
920                 testb $DMP_EOL,%ch              # End of line?
921                 jnz dump.9                      # Yes
922                 movb $' ',%al                   # Use spaces
923                 stosb                           # Save one
924 dump.9:         jmp dump.0                      # Continue (stores AL again)
925 dump.10:        stosb                           # Terminate string
926                 ret                             # To caller
927 #
928 # Convert EAX, AX, or AL to hex, saving the result to [EDI].
929 #
# hex32, hex16, hex8 and hex8.1 are one routine with several entry points.
# Each level calls the next for the upper half of its value and then falls
# through to handle the lower half, so the single ret at the end serves every
# level (hence "Recursive").
# Digits are written as lower-case ASCII at [%edi] with stosb.
# %al is not preserved, and the 16- and 32-bit entries also leave %ah
# modified.
930 hex32:          pushl %eax                      # Save
931                 shrl $0x10,%eax                 # Do upper
932                 call hex16                      #  16
933                 popl %eax                       # Restore
934 hex16:          call hex16.1                    # Do upper 8
935 hex16.1:        xchgb %ah,%al                   # Save/restore
936 hex8:           pushl %eax                      # Save
937                 shrb $0x4,%al                   # Do upper
938                 call hex8.1                     #  4
939                 popl %eax                       # Restore
940 hex8.1:         andb $0xf,%al                   # Get lower 4
941                 cmpb $0xa,%al                   # Convert (CF set if < 10)
942                 sbbb $0x69,%al                  #  to hex
943                 das                             #  digit
944                 orb $0x20,%al                   # To lower case
945                 stosb                           # Save char
946                 ret                             # (Recursive)
947 #
948 # Output zero-terminated string [ESI] to the console.
949 #
# Entry point is putstr; putstr.0 is the loop body. Reads bytes at [%esi]
# with lodsb and passes each non-zero byte to putchr. On return %esi points
# just past the terminating zero and %al is 0.
950 putstr.0:       call putchr                     # Output char
951 putstr:         lodsb                           # Load char
952                 testb %al,%al                   # End of string?
953                 jnz putstr.0                    # No
954                 ret                             # To caller
955 #
956 # Output character AL to the console.
957 #
# Writes one attribute:character cell straight into the text regen buffer:
# 0xb8000, or 0xb0000 (low word of %edi zeroed) when the byte at BDA_SCR
# equals SCR_MAT. SCR_MAT is also the attribute byte for every cell written.
# The cursor is the word at BDA_POS (%dl = column, %dh = row). A line feed
# (0xa) moves to column 0 of the next row; running past row SCR_ROW-1 scrolls
# the screen up one line and blanks the bottom line. Only the BDA cursor word
# is updated in this block.
# All general registers are preserved (pusha/popa). The SCR_* and BDA_*
# constants are defined outside this excerpt.
# NOTE(review): the cursor position read from the BDA is not range-checked
# before the cell offset is computed, so a stale or out-of-range value makes
# the write land outside the visible page - confirm this is acceptable.
958 putchr:         pusha                           # Save
959                 xorl %ecx,%ecx                  # Zero for loops
960                 movb $SCR_MAT,%ah               # Mode/attribute
961                 movl $BDA_POS,%ebx              # BDA pointer
962                 movw (%ebx),%dx                 # Cursor position
963                 movl $0xb8000,%edi              # Regen buffer (color)
964                 cmpb %ah,BDA_SCR-BDA_POS(%ebx)  # Mono mode?
965                 jne putchr.1                    # No
966                 xorw %di,%di                    # Regen buffer (mono)
967 putchr.1:       cmpb $0xa,%al                   # New line?
968                 je putchr.2                     # Yes
969                 xchgl %eax,%ecx                 # Save char
970                 movb $SCR_COL,%al               # Columns per row
971                 mulb %dh                        #  * row position
972                 addb %dl,%al                    #  + column
973                 adcb $0x0,%ah                   #  position
974                 shll %eax                       #  * 2
975                 xchgl %eax,%ecx                 # Swap char, offset
976                 movw %ax,(%edi,%ecx,1)          # Write attr:char
977                 incl %edx                       # Bump cursor
978                 cmpb $SCR_COL,%dl               # Beyond row?
979                 jb putchr.3                     # No
980 putchr.2:       xorb %dl,%dl                    # Zero column
981                 incb %dh                        # Bump row
982 putchr.3:       cmpb $SCR_ROW,%dh               # Beyond screen?
983                 jb putchr.4                     # No
984                 leal 2*SCR_COL(%edi),%esi       # New top line
985                 movw $(SCR_ROW-1)*SCR_COL/2,%cx # Dwords to move (for movsl)
986                 rep                             # Scroll
987                 movsl                           #  screen
988                 movb $' ',%al                   # Space
989                 movb $SCR_COL,%cl               # Columns to clear
990                 rep                             # Clear
991                 stosw                           #  line
992                 movb $SCR_ROW-1,%dh             # Bottom line
993 putchr.4:       movw %dx,(%ebx)                 # Update position
994                 popa                            # Restore
995                 ret                             # To caller
996
997                 .p2align 4
998 #
999 # Global descriptor table.
1000 #
# Each entry is four words: limit[15:0]; base[15:0]; access byte in the high
# half of the third word (base[23:16] in its low half); flags and
# limit[19:16] in the low byte of the fourth word (base[31:24] in its high
# byte).
#   0x9a / 0x92 = present, DPL 0, readable code / writable data
#   0xfa / 0xf2 = present, DPL 3, readable code / writable data
#   0x89        = present, DPL 0, available 32-bit TSS
#   0xcf        = 4 KiB granularity, 32-bit default size, limit[19:16] = 0xf
#   0x0 (real-mode entries) = byte granularity, 16-bit, 64 KiB limit
# The user segments differ from the supervisor ones only in DPL and in their
# base (MEM_USR). Their limit still spans the whole 4 GiB offset range, so
# these descriptors place no bound on what user code can address; any
# isolation has to come from paging (set up outside this excerpt).
# gdt.1 marks the end of the table and is used by gdtdesc for the limit.
1001 gdt:            .word 0x0,0x0,0x0,0x0           # Null entry
1002                 .word 0xffff,0x0,0x9a00,0xcf    # SEL_SCODE
1003                 .word 0xffff,0x0,0x9200,0xcf    # SEL_SDATA
1004                 .word 0xffff,0x0,0x9a00,0x0     # SEL_RCODE
1005                 .word 0xffff,0x0,0x9200,0x0     # SEL_RDATA
1006                 .word 0xffff,MEM_USR,0xfa00,0xcf# SEL_UCODE
1007                 .word 0xffff,MEM_USR,0xf200,0xcf# SEL_UDATA
1008                 .word _TSSLM,MEM_TSS,0x8900,0x0 # SEL_TSS
1009 gdt.1:
1010 #
1011 # Pseudo-descriptors.
1012 #
# Each pseudo-descriptor is three words: table limit (size - 1), then the
# low and high halves of the 32-bit base address. _IDTLM is defined outside
# this excerpt. ivtdesc describes the 0x400-byte real-mode vector table at
# address 0.
1013 gdtdesc:        .word gdt.1-gdt-1,gdt,0x0       # GDT
1014 idtdesc:        .word _IDTLM,MEM_IDT,0x0        # IDT
1015 ivtdesc:        .word 0x400-0x0-1,0x0,0x0       # IVT
1016 #
1017 # IDT construction control string.
1018 #
# Records of the form: count byte, gate type byte, then a 16-bit mask word
# and the 16-bit offset of the first handler. A count of 0 ends the list.
# Gate types: 0x8e = present, DPL 0, 32-bit interrupt gate;
#             0xee = present, DPL 3, 32-bit interrupt gate.
# Only the 0x30-0x32 gates are DPL 3, so those are the only vectors user-mode
# code can raise with INT; exception and hardware vectors stay DPL 0.
# NOTE(review): the mask word presumably selects which vectors in each range
# receive a handler; the builder that consumes it is outside this excerpt -
# confirm there.
1019 idtctl:         .byte 0x10,  0x8e               # Int 0x0-0xf
1020                 .word 0x7dfb,intx00             #  (exceptions)
1021                 .byte 0x10,  0x8e               # Int 0x10
1022                 .word 0x1,   intx10             #  (exception)
1023                 .byte 0x10,  0x8e               # Int 0x20-0x2f
1024                 .word 0xffff,intx20             #  (hardware)
1025                 .byte 0x1,   0xee               # int 0x30
1026                 .word 0x1,   intx30             #  (system call)
1027                 .byte 0x2,   0xee               # Int 0x31-0x32
1028                 .word 0x1,   intx31             #  (V86, null)
1029                 .byte 0x0                       # End of string
1030 #
1031 # Dump format string.
1032 #
# Input for dump: literal text is copied as-is, and each 0x80|flags control
# byte is followed by a one-byte offset into the register frame addressed by
# %ebx (dump emits the "=" itself). dump sign-extends the offset byte; every
# offset used here is below 0x80, so all of them stay non-negative.
# The two DMP_MEM items reuse the eip (0x48) and esp (0x0) slots, reading
# each as a far pointer together with the cs (0x4c) / ss (0x4) slot that
# follows it.
1033 dmpfmt:         .byte '\n'                      # "\n"
1034                 .ascii "int"                    # "int="
1035                 .byte 0x80|DMP_X32,        0x40 # "00000000  "
1036                 .ascii "err"                    # "err="
1037                 .byte 0x80|DMP_X32,        0x44 # "00000000  "
1038                 .ascii "efl"                    # "efl="
1039                 .byte 0x80|DMP_X32,        0x50 # "00000000  "
1040                 .ascii "eip"                    # "eip="
1041                 .byte 0x80|DMP_X32|DMP_EOL,0x48 # "00000000\n"
1042                 .ascii "eax"                    # "eax="
1043                 .byte 0x80|DMP_X32,        0x34 # "00000000  "
1044                 .ascii "ebx"                    # "ebx="
1045                 .byte 0x80|DMP_X32,        0x28 # "00000000  "
1046                 .ascii "ecx"                    # "ecx="
1047                 .byte 0x80|DMP_X32,        0x30 # "00000000  "
1048                 .ascii "edx"                    # "edx="
1049                 .byte 0x80|DMP_X32|DMP_EOL,0x2c # "00000000\n"
1050                 .ascii "esi"                    # "esi="
1051                 .byte 0x80|DMP_X32,        0x1c # "00000000  "
1052                 .ascii "edi"                    # "edi="
1053                 .byte 0x80|DMP_X32,        0x18 # "00000000  "
1054                 .ascii "ebp"                    # "ebp="
1055                 .byte 0x80|DMP_X32,        0x20 # "00000000  "
1056                 .ascii "esp"                    # "esp="
1057                 .byte 0x80|DMP_X32|DMP_EOL,0x0  # "00000000\n"
1058                 .ascii "cs"                     # "cs="
1059                 .byte 0x80|DMP_X16,        0x4c # "0000  "
1060                 .ascii "ds"                     # "ds="
1061                 .byte 0x80|DMP_X16,        0xc  # "0000  "
1062                 .ascii "es"                     # "es="
1063                 .byte 0x80|DMP_X16,        0x8  # "0000  "
1064                 .ascii "  "                     # "  "
1065                 .ascii "fs"                     # "fs="
1066                 .byte 0x80|DMP_X16,        0x10 # "0000  "
1067                 .ascii "gs"                     # "gs="
1068                 .byte 0x80|DMP_X16,        0x14 # "0000  "
1069                 .ascii "ss"                     # "ss="
1070                 .byte 0x80|DMP_X16|DMP_EOL,0x4  # "0000\n"
1071                 .ascii "cs:eip"                 # "cs:eip="
1072                 .byte 0x80|DMP_MEM|DMP_EOL,0x48 # "00 00 ... 00 00\n"
1073                 .ascii "ss:esp"                 # "ss:esp="
1074                 .byte 0x80|DMP_MEM|DMP_EOL,0x0  # "00 00 ... 00 00\n"
1075                 .asciz "BTX halted"             # End
1076 #
1077 # End of BTX memory.
1078 #
1079                 .p2align 4
1080 break: