MICRO
Unit - 5Initializing of 80386DX, debugging and virtual 8086 mode Q1) State and explain Processor State after Reset in initialization?A1) 1. The contents of EAX depend upon the results of the power-up self-test. The self-test may be requested externally by assertion of BUSY# at the end of RESET. T2. He EAX register holds zero if the 80386 passed the test. A nonzero value in EAX after self-test indicates that the particular 80386 unit is faulty. If the self-test is not requested, the contents of EAX after RESET is undefined.3. DX holds a component identifier and revision number after RESET as Figure 10-1 illustrates. DH contains 3, which indicates an 80386 component. DL contains a unique identifier of the revision level.4. Control register zero (CR0) contains the values s The ET bit of CR0 is set if an 80387 is present in the configuration (according to the state of the ERROR# pin after RESET). If ET is reset, the configuration either contains an 80287 or does not contain a coprocessor. A software test is required to distinguish between these latter two possibilities.5.The remaining registers and flags are set as follows:
All registers not mentioned above are undefined. Q2) Explain the features in Software Initialization for Real-Address Mode?A2) In real-address mode a few structures must be initialized before a program can take advantage of all the features available in this mode. 1. Stack1. No instructions that use the stack can be used until the stack-segment register (SS) has been loaded. SS must point to an area in RAM. 2. Interrupt Table 1. The initial state of the 80386 leaves interrupts disabled; however, the processor will still attempt to access the interrupt table if an exception or nonmaskable interrupt (NMI) occurs. Initialization software should take one of the following actions:1.1 Change the limit value in the IDTR to zero. This will cause a shutdown if an exception or nonmaskable interrupt occurs. 1.2 Put pointers to valid interrupt handlers in all positions of the interrupt table that might be used by exceptions or interrupts.1.3 Change the IDTR to point to a valid interrupt table. 3. First Instructions 1. After RESET, address lines A{31-20} are automatically asserted for instruction fetches. This fact, together with the initial values of CS:IP, causes instruction execution to begin at physical address FFFFFFF0H. 2. Near (intrasegment) forms of control transfer instructions may be used to pass control to other addresses in the upper 64K bytes of the address space. 3. The first far (intersegment) JMP or CALL instruction causes A{31-20} to drop low, and the 80386 continues executing instructions in the lower one megabyte of physical memory.4. This automatic assertion of address lines A{31-20} allows systems designers to use a ROM at the high end of the address space to initialize the system.Q3) Explain Switching process to Protected Mode in short?A3) 1. Setting the PE bit of the MSW in CR0 causes the 80386 to begin executing in protected mode. The current privilege level (CPL) starts at zero. 2. The segment registers continue to point to the same linear addresses as in real address mode (in real address mode, linear addresses are the same physical addresses).3. Immediately after setting the PE flag, the initialization code must flush the processor's instruction pre fetch queue by executing a JMP instruction. 4. The 80386 fetches and decodes instructions and addresses before they are used; however, after a change into protected mode, the prefetched instruction information (which pertains to real-address mode) is no longer valid.5. A JMP forces the processor to discard the invalid information. Q4) Explain Software Initialization for Protected Mode and its procedure in detail?A4) 1. Most of the initialization needed for protected mode can be done either before or after switching to protected mode.2. If done in protected mode, however, the initialization procedures must not use protected-mode features that are not yet initialized. 1. Interrupt Descriptor Table 1. The IDTR may be loaded in either real-address or protected mode. However, the format of the interrupt table for protected mode is different than that for real-address mode. 2. It is not possible to change to protected mode and change interrupt table formats at the same time; therefore, it is inevitable that, if IDTR selects an interrupt table, it will have the wrong format at some time. 2. Stack1.The SS register may be loaded in either real-address mode or protected mode. If loaded in real-address mode, SS continues to point to the same linear base-address after the switch to protected mode. 3. Global Descriptor Table1. Before any segment register is changed in protected mode, the GDT register must point to a valid GDT. Initialization of the GDT and GDTR may be done in real-address mode. 2. The GDT (as well as LDTs) should reside in RAM, because the processor modifies the accessed bit of descriptors.4. Page Tables1. Page tables and the PDBR in CR3 can be initialized in either real-address mode or in protected mode; however, the paging enabled (PG) bit of CR0 cannot be set until the processor is in protected mode.2. PG may be set simultaneously with PE, or later. When PG is set, the PDBR in CR3 should already be initialized with a physical address that points to a valid page directory. 3. The initialization procedure should adopt one of the following strategies to ensure consistent addressing before and after paging is enabled:4. The page that is currently being executed should map to the same physical addresses both before and after PG is set.5. A JMP instruction should immediately follow the setting of PG. 5. First Task 1. The initialization procedure can run awhile in protected mode without initializing the task register; however, before the first task switch, the following conditions must prevail:2. There must be a valid task state segment (TSS) for the new task. The stack pointers in the TSS for privilege levels numerically less than or equal to the initial CPL must point to valid stack segments.3. The task register must point to an area in which to save the current task state. After the first task switch, the information dumped in this area is not needed, and the area can be used for other purposes. Q5) Explain TLB testing and its structure?A5)TLB testing 1. The 80386 provides a mechanism for testing the Translation Lookaside Buffer (TLB), the cache used for translating linear addresses to physical addresses. 2. Although failure of the TLB hardware is extremely unlikely, users may wish to include TLB confidence tests among other power-up confidence tests for the 80386.2. Structure of the TLB1. The TLB is a four-way set-associative memory. it illustrates the structure of the TLB. There are four sets of eight entries each.2. Each entry consists of a tag and data. Tags are 24-bits wide. They contain the high-order 20 bits of the linear address, the valid bit, and three attribute bits. 3.The data portion of each entry contains the high-order 20 bits of the physical address. Q6) Give a brief description of Test Registers ?A6) 1. Two test registers, are provided for the purpose of testing. TR6 is the test command register, and TR7 is the test data register. These registers are accessed by variants of the MOV instruction.2. A test register may be either the source operand or destination operand. The MOV instructions are defined in both real-address mode and protected mode. 3. The test registers are privileged resources; in protected mode, the MOV instructions that access them can only be executed at privilege level 0.4 An attempt to read or write the test registers when executing at any other privilege level causes a general protection exception.5. Physical Address1. This is the data field of the TLB. On a write to the TLB, the TLB entry allocated to the linear address in TR6 is set to this value. On a TLB lookup, if HT is set, the data field (physical address) from the TLB is read out to this field. If HT is not set, this field is undefined.6. HTFor a TLB lookup, the HT bit indicates whether the lookup was a hit (HT := 1) or a miss (HT := 0). For a TLB write, HT must be set to 1.7. REPFor a TLB write, selects which of four associative blocks of the TLB is to be written. For a TLB read, if HT is set, REP reports in which of the four associative blocks the tag was found; if HT is not set, REP is undefined. Q7) State and explain commands involved in test registers?A7) The test command register (TR6) contains a command and an address tag to use in performing the command:1. CThis is the command bit. There are two TLB testing commands: write entries into the TLB, and perform TLB lookups. To cause an immediate write into the TLB entry, move a doubleword into TR6 that contains a 0 in this bit. To cause an immediate TLB lookup, move a doubleword into TR6 that contains a 1 in this bit.2. Linear AddressOn a TLB write, a TLB entry is allocated to this linear address; the rest of that TLB entry is set per the value of TR7 and the value just written into TR6. On a TLB lookup, the TLB is interrogated per this value; if one and only one TLB entry matches, the rest of the fields of TR6 and TR7 are set from the matching TLB entry.3. VThe valid bit for this TLB entry. The TLB uses the valid bit to identify entries that contain valid data. Entries of the TLB that have not been assigned values have zero in the valid bit. All valid bits can be cleared by writing to CR3.4. D, D#The dirty bit (and its complement) for/from the TLB entry.5. U, U#The U/S bit (and its complement) for/from the TLB entry.6. W, W#The R/W bit (and its complement) for/from the TLB entry.The meaning of these pairs of bits is given by Table , where X represents D, U, or W. The test data register (TR7) holds data read from or data to be written to the TLB. Q8) State and explain debugging features of architecture ?A8) He features of the 80386 architecture that support debugging include:1. Reserved debug interrupt vectorPermits processor to automatically invoke a debugger task or procedure when an event occurs that is of interest to the debugger.2. Four debug address registersPermit programmers to specify up to four addresses that the CPU will automatically monitor.3. Debug control registerAllows programmers to selectively enable various debug conditions associated with the four debug addresses.4. Debug status registerHelps debugger identify condition that caused debug exception.5. Trap bit of TSS (T-bit)Permits monitoring of task switches.6. Resume flag (RF) of flags registerAllows an instruction to be restarted after a debug exception without immediately causing another debug exception due to the same condition.7 Single-step flag (TF)Allows complete monitoring of program flow by specifying whether the CPU should cause a debug exception with the execution of every instruction.8. Breakpoint instructionPermits debugger intervention at any point in program execution and aids debugging of debugger programs.9. Reserved interrupt vector for breakpoint exceptionPermits processor to automatically invoke a handler task or procedure upon encountering a breakpoint instruction.10. These features make it possible to invoke a debugger that is either a separate task or a procedure in the context of the current task. The debugger can be invoked under any of the following kinds of conditions:10.1 Task switch to a specific task.10.2 Execution of the breakpoint instruction.10.3 Execution of every instruction.10.4 Execution of any instruction at a given address.10.5 Read or write of a byte, word, or double word at any specified address.Write to a byte, word, or double word at any specified address.Attempt to change a debug register. Q9) Write a short note on Breakpoint Field Recognition?A9) 1. The linear address and LEN field for each of the four breakpoint conditions define a range of sequential byte addresses for a data breakpoint.2. The LEN field permits specification of a one-, two-, or four-byte field. Two-byte fields must be aligned on word boundaries (addresses that are multiples of two) and four-byte fields must be aligned on double word boundaries (addresses that are multiples of four). 3. These requirements are enforced by the processor; it uses the LEN bits to mask the low-order bits of the addresses in the debug address registers. 4. Properly aligned code or data breakpoint addresses will not yield the expected results.5. A data read or write breakpoint is triggered if any of the bytes participating in a memory access is within the field defined by a breakpoint address register and the corresponding LEN field. gives some examples of breakpoint fields with memory references that both do and do not cause traps. Q10) explain what is Interrupt 3 -- Breakpoint Exception?A10)1. This exception is caused by execution of the breakpoint instruction INT 3. Typically, a debugger prepares a breakpoint by substituting the opcode of the one-byte breakpoint instruction in place of the first opcode byte of the instruction to be trapped.2. When execution of the INT 3 instruction causes the exception handler to be invoked, the saved value of ES:EIP points to the byte following the INT 3 instruction.3. With prior generations of processors, this feature is used extensively for trapping execution of specific instructions. With the 80386, the needs formerly filled by this feature are more conveniently solved via the debug registers and interrupt 1. 4. However, the breakpoint exception is still useful for debugging debuggers, because the breakpoint exception can vector to a different exception handler than that used by the debugger.5. The breakpoint exception can also be useful when it is necessary to set a greater number of breakpoints than permitted by the debug registers. Q11) State and explain Structure of a V86 Task in detail?A11)1. A V86 task consists partly of the 8086 program to be executed and partly of 80386 "native mode" code that serves as the virtual-machine monitor. 2. The task must be represented by an 80386 TSS (not an 80286 TSS). The processor enters V86 mode to execute the 8086 program and returns to protected mode to execute the monitor or other 80386 tasks.3. To run successfully in V86 mode, an existing 8086 program needs the following: - A V86 monitor. - Operating-system services.4. The V86 monitor is 80386 protected-mode code that executes at privilege-level zero. The monitor consists primarily of initialization and exception-handling procedures. 5. As for any other 80386 program, executable-segment descriptors for the monitor must exist in the GDT or in the task's LDT. The linear addresses above 10FFEFH are available for the V86 monitor, the operating system, and other systems software. 6. The monitor may also need data-segment descriptors so that it can examine the interrupt vector table or other parts of the 8086 program in the first megabyte of the address space.In general, there are two options for implementing the 8086 operating system:7. The 8086 operating system may run as part of the 8086 code. This approach is desirable for any of the following reasons:7.1 The 8086 applications code modifies the operating system.7.2 There is not sufficient development time to reimplement the 8086 operating system as 80386 code.8. The 8086 operating system may be implemented or emulated in the V86 monitor. This approach is desirable for any of the following reasons:8.1 Operating system functions can be more easily coordinated among several V86 tasks.8.2 The functions of the 8086 operating system can be easily emulated by calls to the 80386 operating system.
EFLAGS =00000002H IP =0000FFF0H CS selector =000H DS selector =0000H ES selector =0000H SS selector =0000H FS selector =0000H GS selector =0000H
IDTR: Base =0 Limit =03FFH |
0 matching results found