From owner-freebsd-emulation  Sun Feb 15 21:13:30 1998
Return-Path: <owner-freebsd-emulation@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA01026
          for freebsd-emulation-outgoing; Sun, 15 Feb 1998 21:13:30 -0800 (PST)
          (envelope-from owner-freebsd-emulation@FreeBSD.ORG)
Received: from allegro.lemis.com (allegro.lemis.com [192.109.197.134])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA01021
          for <emulation@freebsd.org>; Sun, 15 Feb 1998 21:13:26 -0800 (PST)
          (envelope-from grog@lemis.com)
Received: from freebie.lemis.com (freebie.lemis.com [192.109.197.137])
	by allegro.lemis.com (8.8.7/8.8.5) with ESMTP id PAA25888;
	Mon, 16 Feb 1998 15:43:22 +1030 (CST)
Received: (from grog@localhost)
          by freebie.lemis.com (8.8.8/8.8.7) id PAA24459;
          Mon, 16 Feb 1998 15:43:21 +1030 (CST)
          (envelope-from grog)
Message-ID: <19980216154320.42865@freebie.lemis.com>
Date: Mon, 16 Feb 1998 15:43:20 +1030
From: Greg Lehey <grog@lemis.com>
To: The Hermit Hacker <scrappy@hub.org>
Cc: emulation@FreeBSD.ORG
Subject: Re: wine 980215
References: <19980216134825.02381@freebie.lemis.com> <Pine.BSF.3.96.980216005629.261r-100000@thelab.hub.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.89i
In-Reply-To: <Pine.BSF.3.96.980216005629.261r-100000@thelab.hub.org>; from The Hermit Hacker on Mon, Feb 16, 1998 at 12:56:52AM -0400
WWW-Home-Page: http://www.lemis.com/~grog
Organization: LEMIS, PO Box 460, Echunga SA 5153, Australia
Phone: +61-8-8388-8286
Fax: +61-8-8388-8725
Mobile: +61-41-739-7062
Sender: owner-freebsd-emulation@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Mon, 16 February 1998 at  0:56:52 -0400, The Hermit Hacker wrote:
> On Mon, 16 Feb 1998, Greg Lehey wrote:
>
>> Could you go back into the core and try this, please:
>
> 	Gladly :)
>
> (gdb) list
> 134         GET_FS( fs );
> 135         if (!fs) return NULL;
> 136         GET_DS( ds );
> 137         if (fs == ds) return NULL; /* FIXME: should be an assert */
> 138         /* Get the TEB self-pointer */
> 139         __asm__( ".byte 0x64\n\tmovl (%1),%0"
> 140                  : "=r" (teb) : "r" (&((TEB *)0)->self) );
> 141         return teb;
> 142     #else
> 143         if (!pCurrentThread) return NULL;
> (gdb) x/10i $eip
> 0x162835 <NtCurrentTeb+29>:     movl   %fs:(%ecx),%eax
> 0x162838 <NtCurrentTeb+32>:     leave
> 0x162839 <NtCurrentTeb+33>:     ret
> 0x16283a <NtCurrentTeb+34>:     nop
> 0x16283b <NtCurrentTeb+35>:     nop
> 0x16283c <NtCurrentTeb+36>:     xorl   %eax,%eax
> 0x16283e <NtCurrentTeb+38>:     leave
> 0x16283f <NtCurrentTeb+39>:     ret
> 0x162840 <THREAD_Ops>:  movsb  %ds:(%esi),%es:(%edi)
> 0x162841 <THREAD_Ops+1>:        subl   (%esi),%edx
> (gdb) i reg
> eax            0x27     39
> ecx            0x18     24
> edx            0x1f     31
> ebx            0x20350000       540344320
> esp            0xefbfd608       0xefbfd608
> ebp            0xefbfd608       0xefbfd608
> esi            0x10     16
> edi            0x20350070       540344432
> eip            0x162835 0x162835
> eflags         0x10283  66179
> cs             0x1f     31
> ss             0x27     39
> ds             0x27     39
> es             0x27     39
> fs             0x1f     31
> gs             0x27     39
> (gdb)

Hmm.  That wasn't quite what I was expecting.  The instruction loads a
word from code space into register eax.  It does this by loading the
fs register to the same value as cs.  Unfortunately, the address
specified (in ecx) is invalid (0x18).  This is obviously the offset of
self in the TEB structure.

I can't see how this can work on FreeBSD, since we don't map anything
in the first page of any address space.  Maybe you can figure out what
they're trying to do and write a FreeBSD version.

Greg

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-emulation" in the body of the message