Shadow ROM memory PROBLEM

Adam Agnew agnew at
Tue Oct 29 19:35:00 CET 2002

Hello. In our PCBIOS efforts, we're running into a snag.
We're experience corruption of our shadow memory region, even after we've
set it to read only (using the sis630).

mov eax, #0x80000070
mov dx, #0x0cf8
out dx, eax
mov eax, #0x0000FFFF
mov dx, #0x0cfc
out dx, eax

we're not doing any pci writes at this point (once we've set it to read
only), so does anyone else have any theories on what could cause this?

Here's an example of the insanity going on:

Here, the bios has finished and we're ready to run lilo. The shadow memory
is correct:

000F3189L 260F015408       LGDT        fword ptr ES:[SI]+08
000F318EL 2E0F011E69F8     LIDT        fword ptr CS:[f869]
000F3194L B002             MOV         AL,02
000F3196L E680             OUT         80,AL

Then, we run lilo and we load an unmodified linux kernel. After a random
amount of calls to int13 and int15 to copy the kernel into memory
(sometimes it just takes 20 or so, sometimes 58, and sometimes it doesn't
happen at all) the shadow memory gets corrupted. and we get stuff like

000F3199L 260F01B002E6     LMSW        word ptr ES:[BX+SI]+e602
000F319FL 80011E           ADD         byte ptr [BX+DI],1e
000F31A2L 69F883C8         IMUL        DI,AX,c883

As you see, its all scrambled. The op codes get into a weird order.
I'll try to illustrate with this mapping..

260F015408 2E0F011E69F8 B002 E680
1111111111 222222222222 3333 4444

260F01B002E6 80011E 69F883C8
111111333344 442222 2222

and the addresses in general are all shifted down.

Any ideas, suggestions, insights?

- Adam Agnew

More information about the coreboot mailing list