Date: Thu, 6 Jan 2000 18:15:21 +0200 (IST)
From: Eli Zaretskii <eliz AT is DOT elta DOT co DOT il>
X-Sender: eliz AT is
To: Martin Str|mberg <ams AT ludd DOT luth DOT se>
cc: DJGPP <djgpp AT delorie DOT com>
Subject: Re: The endless int31 hooking debugging continued
In-Reply-To: <200001061534.QAA06152@father.ludd.luth.se>
Message-ID: <Pine.SUN.3.91.1000106180654.22382E-100000@is>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Reply-To: djgpp AT delorie DOT com
Errors-To: dj-admin AT delorie DOT com
X-Mailing-List: djgpp AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com
Precedence: bulk


On Thu, 6 Jan 100, Martin Str|mberg wrote:

> F:\HACKERY\DPMI_SEL>simple7.exe
> cs = a7, ds = af, ss= af.
> got interrupt vector
> Page Fault cr2=10000004 at eip=ff63; flags=3086
> eax=000000af ebx=00000014 ecx=00000012 edx=00000000 esi=000065c4 edi=000142d4
> ebp=0000000e esp=0000ff88 cs=2b ds=af es=1 fs=8f gs=bf ss=af error=0004
> 
> This is so bad it hangs the computer (C-A-D did reboot it).

No surprise!  Look: CS doesn't belong to the DJGPP program, and ES
is 1 (!).

> This seems to be in glob2.

Clearly bogus: by the time disaster strikes, you are *way* past glob 
(which is called from the startup code).

> It sure looks like I destroy the stack severly. But I don't see (in my
> code) that I do.

I think I can help you ;-)

>         movw %ss, %ax
>         movw %ax, _org_ss
>         movw _my_ds, %ax
>         movw %ax, %es
>         movw %ax, %ss

You changed SS, but left ESP at its previous value.  This is a disaster 
waiting to happen.

What you need to do is to save ESP in some variable before calling the 
DPMI functions, then use that saved value inside the hook (decrement it 
by some slack, to guard against usage inside the DPMI functions).

Or, better still, don't call any library functions from within the hook; 
then you don't need to worry about SS and ESP.