Board view
Mix viewROM-BIOS leaves ds and es limits beyond 64 KiB (Developers)
> I just noticed that testing instructions like mov ax, [FFFF]
> and mov ax, [es:FFFF] do not cause a fault when I boot the
> physical Pentium 3 (686) machine into bootable lDebug. (You want to
> install intfaults before running such tests, to have the
> debugger catch these Real 86 Mode faults in case they do occur.) With cs,
> ss, or fs overrides the instruction does fault (int 0Ch for ss, int 0Dh
> else).
>
> If I boot using boot protocol msdos7 hda2 followed by
> q, which runs a Himem driver, then regardless of the involved
> segment the instruction does fault. (This is without an EMM that switches
> to Virtual 86 Mode, the machine is still in Real 86 Mode.)
>
> So I assume that the ROM-BIOS leaves ds and es limits in an "unreal mode"
> state of higher segment limits than the 64 KiB expected for Real 86 Mode.
> Did you know that this is done by some systems?
Yes. You'd need to verify values of CR0, GDT and IDT but it is possible that some BIOSes, games and other software can/will leave the host in Unreal Mode accidentally.
One fun trick is to write to VGA buffer space using a single 32-bit instruction while in Unreal Mode.
mov ebx,A0000
mov [ds:ebx], byte 1 ; set the pixel "white" using default color palette
https://en.m.wikipedia.org/wiki/Unreal_mode#Uses
https://wiki.osdev.org/Unreal_Mode
Complete thread:
- ROM-BIOS leaves ds and es limits beyond 64 KiB - ecm, 28.10.2025, 17:20 (Developers)
![[Board]](img/board_d.gif "Open in board view")
![[Mix]](img/mix_d.gif "Open in mix view")
- ROM-BIOS leaves ds and es limits beyond 64 KiB - Oso2k, 28.10.2025, 21:46
- ROM-BIOS leaves ds and es limits beyond 64 KiB - ecm, 28.10.2025, 22:03
- ROM-BIOS leaves ds and es limits beyond 64 KiB - Oso2k, 28.10.2025, 21:46
