Date: Fri, 10 Jul 1998 17:17:15 -0400 (EDT)
Message-Id: <199807102117.RAA12362@delorie.com>
From: DJ Delorie <dj AT delorie DOT com>
To: ams AT ludd DOT luth DOT se
CC: eliz AT is DOT elta DOT co DOT il, djgpp-workers AT delorie DOT com
In-reply-to: <199807102052.WAA04526@father.ludd.luth.se> (message from Martin
	Str|mberg on Fri, 10 Jul 1998 22:52:45 +0200 (MET DST))
Subject: Re: info core dumps
Precedence: bulk


> > Note that the value of EAX is 10C000h, which cannot be a valid
> > real-mode address: it's more than 20 bits.  I cannot imagine how could
> > that happen, since that address comes from function 1130h of Int 10h,
> > see the code below.
> 
> Well, it does indirectly come from function 1130h of Int 10h, but note
> that "src =  ( ( (unsigned)regs.x.es ) << 4 ) + regs.x.bp;" and as the
> int 10h function returns es==0xffff and bp==0xbf32 (values from
> running the included function; es==0xffff for info.exe as well, didn't

Addresses up to 0x10ffff are acceptable; TSRs may have moved some
things into high memory (the HMA) including the BIOS font tables.  I
seem to recall recently adding a set of patches to various libc
functions to stop limiting DOS accesses to 20 bits; this may be the
same or a similar issue.