Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 30 Jul 2006 09:15:30 +0200
From:      Adrian Steinmann <ast@marabu.ch>
To:        Pascal Dornier <pdornier@pcengines.ch>
Cc:        ambrisko@freebsd.org, freebsd-embedded@freebsd.org, john@baldwin.cx, Danny Braniss <danny@cs.huji.ac.il>, Holger Bauer <Holger.Bauer@citec-ag.de>, fnjordy@gmail.com
Subject:   Re: pxeboot PC Engines WRAP
Message-ID:  <44CC5C92.1070600@marabu.ch>
In-Reply-To: <7.0.1.0.0.20060729205407.03453c88@pcengines.ch>
References:  <157D367A82DF174EA394C897A261142DD73D88@citec-srv1.citec-ag.local> <7.0.1.0.0.20060729205407.03453c88@pcengines.ch>
next in thread | previous in thread | raw e-mail | index | archive | help 
Pascal Dornier from PC-Engines asks:
> Bei welchem BIOS-Aufruf tritt das Problem auf ? Wird der Aufruf von
> FreeBSD oder von Netboot gemacht ?
(i.e., in which BIOS call does the problem arise)

The GP fault happens in the "!PXE" function 71 (PXENV_GET_CACHED_INFO):

Probing pci nic...
[dp83815]
natsemi_probe: MAC addr 00:0D:B9:02:XX:XX at ioaddr 0X1000
natsemi_probe: Vendor:0X100B Device:0X0020
dp83815: Transceiver default autoneg. enabled, advertise 100 full duplex.
dp83815: Transceiver status 7869 advertising 05E1
dp83815: Setting full-duplex based on negotiated link capability.
Searching for server (DHCP)...\
Loading 192.168.XX.XX:/usr/tftpboot/pxeboot XXXX(0210K done
PXE Loader 1.00

Building the boot loader arguments
Relocating the loader and the BTX
Starting the BTX loader
Consoles: serial port
BIOS drive C: is disk0

PXE version 2.1, real mode entry point @9f40:0680
pxe.c:pxe_init(): doing pxe_call(PXENV_GET_CACHED_INFO)
bangpxe_call 71

int=0000000d  err=00000000  efl=00030002  eip=00000916
eax=0009cf90  ebx=000008eb  ecx=00000000  edx=00003c5a
esi=00000000  edi=00000000  ebp=0009d35e  esp=000003ce
cs=9f40  ds=9f40  es=0000    fs=0000  gs=0000  ss=9cf9
cs:eip=66 0f 01 97 52 00 0f 20-c0 0c 01 0f 22 c0 66 ff
       af 6a 00 66 b8 10 00 8e-d0 89 ec 8e d8 8e c0 8e
ss:esp=00 00 00 00 71 00 00 00-00 00 00 00 e2 fa 09 00
       40 9f f9 9c 00 00 00 00-00 00 00 00 00 00 02 02
BTX halted

which is, as John Baldwin also observed:

[00000001]-> : 0 66,0f,01,97,52,00,0f,20
[00000041]-> : 8 c0,0c,01,0f,22,c0,66,ff
[00000041]-> : 10 af,6a,00,66,b8,10,00,8e,d0,89,ec,8e,d8,8e,c0,8e
[00000020]-> d8086 0
00000000: 66 0f 01 97 52 00     lgdtl  82(%bx)
00000006: 0f 20 c0              mov    %cr0,%eax
00000009: 0c 01                 or     $0x1,%al
0000000b: 0f 22 c0              mov    %eax,%cr0
0000000e: 66 ff af 6a 00        ljmpl  *106(%bx)
00000013: 66 b8 10 00 8e d0     mov    $0xd08e0010,%eax

that code looks like the TinyBIOS "Int 15, AH=87: block move" done in "unreal
mode" (see http://www.pcengines.ch/tb13.zip, http://www.pcengines.ch/tb13.pdf)

FreeBSD appears to have special "FREEBSD_PXEEMU" code (see
http://etherboot.berlios.de/dist/etherboot-5.2.4.tar.bz2) in
etherboot-5.2.4/src/arch/i386/core/pxe.c to play fair with v86mon,
but maybe this is not fair enough for TinyBIOS?

Adrian

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44CC5C92.1070600>