DOS32AWE disassembly

1. ; ---------------------------------------------------------------------------
2.  
3. i31_handler struc ; (sizeof=0x4)
4. func dw ?
5. handler dw ? ; offset (00010060)
6. i31_handler ends
7.  
8. ; ---------------------------------------------------------------------------
9.  
10. dfn_struc struc ; (sizeof=0x6)
11. name dw ? ; offset (00012F00)
12. namelen dw ?
13. handler dw ? ; offset (00012F00)
14. dfn_struc ends
15.  
16. ; ---------------------------------------------------------------------------
17.  
18. errtabentry struc ; (sizeof=0x4)
19. category db ?
20. kind db ?
21. table dw ? ; offset (00012F00)
22. errtabentry ends
23.  
24. ; ---------------------------------------------------------------------------
25.  
26. vec8 struc ; (sizeof=0x8)
27. _ip dd ?
28. _cs dw ?
29. _rsvd dw ?
30. vec8 ends
31.  
32. ; ---------------------------------------------------------------------------
33.  
34. str4 struc ; (sizeof=0x5)
35. str db 5 dup(?) ; string(C)
36. str4 ends
37.  
38. ; ---------------------------------------------------------------------------
39.  
40. str2 struc ; (sizeof=0x3)
41. field_0 db 3 dup(?) ; string(C)
42. str2 ends
43.  
44.  
45. ;
46. ; +-------------------------------------------------------------------------+
47. ; | This file has been generated by The Interactive Disassembler (IDA) |
48. ; | Copyright (c) 2009 by Hex-Rays, <support@hex-rays.com> |
49. ; +-------------------------------------------------------------------------+
50. ;
51. ; Input MD5 : 9B2E82344CEA87814EDA8A3D5C35C8C5
52.  
53. ; File Name : C:\Users\Michael\Documents\Reversing\drivers\sound\DOS32AWE\DOS32AWE.EXE
54. ; Format : MS-DOS executable (EXE)
55. ; Base Address: 1000h Range: 10000h-174C0h Loaded length: 6CC0h
56. ; Entry Point : 12F0:2C6C
57.  
58. .686p
59. .mmx
60. .model large
61.  
62. ; ===========================================================================
63.  
64. ; Segment type: Regular
65. ID32 segment byte public 'UNK' use16
66. assume cs:ID32
67. assume es:nothing, ss:nothing, ds:nothing, fs:nothing, gs:nothing
68. ID_magic db 'ID32'
69. ID_mode db 3Fh
70. ID_maxpages db 40h
71. ID_maxfpages db 2
72. ID_callbacks db 10h
73. ID_selectors dw 100h
74. ID_rmstacks db 8
75. ID_pmstacks db 8
76. ID_rmstacklen dw 20h
77. ID_pmstacklen dw 20h
78. ID_maxextmem dd 0FFFFFFFFh
79. ID_misc1 db 77h ; DOS32AWE: -report modified ints
80. ; +cls on exception
81. ID_misc2 db 49h ; DOS32AWE: +lock configuration
82. ID_lowmembuf dw 200h
83. ID_version dw 90Ch
84. ID_rsvd dw 0
85. aDos32a db 'DOS/32A',0
86. aCopyrightC19962006ByNa db 'Copyright (C) 1996-2006 by Narech K.',0
87. a100721 db '10/07/21',0
88. a234911 db '23:49:11',0
89. db 0
90. db 0
91. db 0
92. db 0
93. db 0
94. ID32 ends
95.  
96. ; ===========================================================================
97.  
98. ; Segment type: Pure code
99. KERNEL segment byte public 'CODE' use16
100. assume cs:KERNEL
101. assume es:nothing, ss:nothing, ds:KERNEL, fs:nothing, gs:nothing
102. pm32_mode db 0FFh
103. pm32_maxpages db 0FFh
104. pm32_maxfpages db 0FFh
105. pm32_callbacks db 0FFh
106. pm32_selectors dw 0FFFFh
107. pm32_rmstacks db 0FFh
108. pm32_pmstacks db 0FFh
109. pm32_rmstacklen dw 0FFFFh
110. pm32_pmstacklen dw 0FFFFh
111. pm32_maxextmem dd 0FFFFFFFFh
112. client_call dw 2 dup(0)
113. client_version dw 0
114. kernel_code dw 0
115. cputype db 0
116. fputype db 0
117. pmodetype db 0
118. pagetables db 0
119. picslave db 0
120. picmaster db 0
121. _rsvd1 db 0
122. A20_state db 0
123. cpuidlvl dd 0
124. codebase dd 0
125. dpmiepmode dd 0
126. selzero dw 18h
127. seldata dw 10h
128. selcallback dw 48h
129. gdtseg dw 0
130. gdtlimit dw 0
131. gdtbase dd 0
132. idtseg dw 0
133. idtlimit dw 7FFh
134. idtbase dd 0
135. rmidtlimit dw 3FFh
136. rmidtbase dd 0
137. rmtopmswrout dw offset v_rmtopmsw
138. pmtormswrout dd 115Ch
139. xms_call dd 0
140. xms_data dd 0
141. xms_handle dw 0
142. vcpi_cr3 dd 0
143. vcpi_gdtaddx dd offset gdtlimit
144. vcpi_idtaddx dd offset idtlimit
145. vcpi_selldt dw 0
146. vcpi_seltss dw 20h
147. vcpi_eip dd offset v_rmtopmswpm
148. vcpi_cs dw 8
149. vcpi_calleip dd 0
150. vcpi_callcs dw 28h
151. vcpi_allocmem dw 0
152. vcpistrucaddx dd offset vcpi_cr3
153. vcpiswitchstack dd 0
154. int31h_cache_fn dw 0EEFFh
155. int31h_cache_ptr dw offset int31_EEFF
156. align 4
157.  
158. ; =============== S U B R O U T I N E =======================================
159.  
160. ; also mem_ptr
161.  
162. pm32_info proc far
163. cld
164. push ds
165.  
166. loc_100E6:
167. push es
168. push cs
169.  
170. mem_free:
171. push cs
172. pop ds
173. pop es
174.  
175. mem_top_minus1: ; also _pc_irqrmtopm
176. call cpu_detect
177. cmp al, 3
178.  
179. mem_used: ; also base of real mode alias table
180. mov ax, 1
181. jnb short @@0
182. jmp @@fail
183. ; ---------------------------------------------------------------------------
184.  
185. @@0:
186. call fpu_detect
187. mov ah, 30h
188. int 21h ; DOS - GET DOS VERSION
189. ; Return: AL = major version number (00h for DOS 1.x)
190. cmp al, 4
191. mov ax, 0
192. jb @@fail
193. mov ax, 4300h
194. int 2Fh ; - Multiplex - XMS - INSTALLATION CHECK
195. ; Return: AL = 80h XMS driver installed
196. ; AL <> 80h no driver
197. cmp al, 80h ; '€'
198. jnz short @@1
199. push es
200. mov ax, 4310h
201. int 2Fh ; - Multiplex - XMS - GET DRIVER ADDRESS
202. ; Return: ES:BX -> driver entry point
203. mov word ptr xms_call, bx
204.  
205. loc_1011B:
206. mov word ptr xms_call+2, es
207. mov ah, 30h
208. int 21h ; DOS - GET DOS VERSION
209. ; Return: AL = major version number (00h for DOS 1.x)
210. mov ah, 88h ; 'ˆ'
211. xor bx, bx
212. call xms_call
213. test bl, bl
214. jz short @@xms1
215. mov ah, 8
216.  
217. _pc_irqcbrmtopm: ; also irqset_rm - 3
218. call xms_call
219.  
220. irqset_pm_minus1:
221. movzx eax, ax
222.  
223. irqtabrm_minus1:
224. @@xms1:
225. mov xms_data, eax
226. pop es
227. pushf
228. pop ax
229. and ah, 0CFh
230. push ax
231. popf
232. pushf
233. pop ax
234. test ah, 30h
235. jz short @@4
236.  
237. @@1:
238. call @@detect_VCPI
239. call @@detect_DPMI
240. smsw ax
241. and al, 1
242. mov ax, 2
243. jnz short @@fail
244.  
245. @@4:
246. cmp xms_data, 0
247. setnz ch
248. mov bx, 80h ; '€'
249.  
250. @@vcpi:
251. movzx ax, pm32_rmstacks
252. imul ax, pm32_rmstacklen
253. add bx, ax
254. movzx ax, pm32_pmstacks
255.  
256. irqtab_pm_minus1:
257. imul ax, pm32_pmstacklen
258.  
259. irqtab_pm_plus4:
260. add bx, ax
261. movzx ax, pm32_callbacks
262. imul ax, 19h
263. add ax, 0Fh
264. shr ax, 4
265. add bx, ax
266. mov ax, pm32_selectors
267. add ax, 0Bh
268. shr ax, 1
269. add bx, ax
270.  
271. @@done:
272. xor ax, ax
273. mov cl, cputype
274. mov pmodetype, ch
275. mov dx, (offset get_default_config - 0FFFFD6B0h)
276. mov di, offset v_init__cbdata1B
277.  
278. @@exit:
279. pop es
280. pop ds
281. retf
282. ; ---------------------------------------------------------------------------
283.  
284. @@fail:
285. stc
286. jmp short @@exit
287. ; ---------------------------------------------------------------------------
288.  
289. @@detect_DPMI:
290. pop bp
291. mov ax, 1687h
292. int 2Fh ; - Multiplex - MS WINDOWS - Mode Interface - INSTALLATION CHECK
293. ; Return: AX = 0000h if installed, BX = flags
294. ; CL = processor type, DH = DPMI major version
295. ; DL = DPMI minor version
296. ; SI = number of paragraphs
297. ; ES:DI -> DPMI mode-switch entry point
298. test ax, ax
299. jnz short @@d0
300. mov ax, 1
301. cmp cl, 3
302. jb short @@fail
303. mov al, 3
304. test bl, 1
305. jz short @@fail
306. mov word ptr dpmiepmode, di
307. mov word ptr dpmiepmode+2, es
308. mov bx, si
309. mov ch, 3
310. jmp short @@done
311. ; ---------------------------------------------------------------------------
312.  
313. @@d0:
314. jmp bp
315. ; ---------------------------------------------------------------------------
316.  
317. @@detect_VCPI:
318. pop bp
319. xor ax, ax
320. mov es, ax
321. assume es:nothing
322. mov ax, es:19Ch
323. or ax, es:19Eh
324. jz short @@d0
325. mov ax, 0DE00h
326. int 67h ; - LIM EMS Program Interface - INSTALLATION CHECK
327. ; Return: AH = 00h VCPI is present, BH = major version number
328. ; BL = minor version number, AH nonzero VCPI not present
329. test ah, ah
330. jnz short @@d0
331. mov ax, 0DE0Ah
332. int 67h ; - LIM EMS Program Interface - GET 8259 INTERRUPT VECTOR MAPPINGS
333. ; Return: AH = 00h successful, BX = first vector used by master 8259 (IRQ0)
334. ; CX = first vector used by slave 8259 (IRQ8)
335. ; AH nonzero: failed
336.  
337. exctabpm_minus3:
338. mov picmaster, bl
339.  
340. exctabpm_plus1:
341. mov picslave, cl
342. mov ax, 4
343. cmp bl, cl
344. jz short @@fail
345. cmp bl, 30h
346. jz short @@fail
347. cmp cl, 30h
348. jz short @@fail
349. cmp cl, 8
350. jz short @@fail
351. test bl, bl
352. jz short @@fail
353. test cl, cl
354. jz short @@fail
355. mov edx, xms_data
356. mov ecx, edx
357. jecxz @@v1
358. test pm32_mode, 8
359. jz short loc_10237
360. call xms_allocmem
361. mov di, dx
362. dec ax
363. jz short @@v1
364.  
365. loc_10237:
366. xor ecx, ecx
367.  
368. @@v1:
369. mov ax, 0DE03h
370. int 67h ; - LIM EMS Program Interface - GET NUMBER OF FREE 4K PAGES
371. ; Return: AH = 00h successful, EDX = number of free 4K pages
372. ; AH nonzero: failed
373. push es
374. push ecx
375. push edx
376. push di
377. test pm32_mode, 4
378. jz short @@v1a ; __linkproc__ v1a
379. mov ah, 48h ; 'H'
380. mov bx, 100h
381. int 21h ; DOS - 2+ - ALLOCATE MEMORY
382. ; BX = number of 16-byte paragraphs desired
383. jb short @@v1a ; __linkproc__ v1a
384. mov es, ax
385. assume es:nothing
386. xor di, di
387. sub sp, 18h
388. mov si, sp
389. push ds
390. push ss
391. pop ds
392. mov ax, 0DE01h
393. int 67h ; - LIM EMS Program Interface - GET PROTECTED MODE INTERFACE
394. ; ES:DI -> 4K page table buffer
395. ; DS:SI -> three descriptor table entries in GDT
396. ; Return: AH = 00h successful, AH = nonzero failed
397. pop ds
398. add sp, 18h
399. mov ah, 49h
400. int 21h ; DOS - 2+ - FREE MEMORY
401. ; ES = segment address of area to be freed
402. mov eax, 1000h
403. sub ax, di
404. shr ax, 2
405. jmp short @@v1b
406. ; ---------------------------------------------------------------------------
407.  
408. ; __linkproc__ v1a
409. @@v1a:
410. xor eax, eax
411.  
412. tempw1:
413. @@v1b:
414. pop di
415.  
416. tempw2_aka_tempd1:
417. pop edx
418. pop ecx
419. pop es
420. assume es:nothing
421.  
422. oldcr0:
423. mov esi, ecx
424.  
425. oldint15h:
426. shr esi, 2
427.  
428. oldint1Bh_and_1Ch:
429. lea esi, [edx+esi+3FFh]
430.  
431. oldint21h:
432. sub esi, eax
433.  
434. oldint23h_minus1:
435. jnb short @@v1c
436. adc esi, eax
437.  
438. oldint24h:
439. @@v1c:
440. shr esi, 0Ah
441.  
442. oldint2Fh: ; __linkproc__ v2
443. jecxz @@v2
444.  
445. newint1Bh:
446. mov dx, di
447. mov ah, 0Ah
448.  
449. newint1Ch:
450. call xms_call
451.  
452. ; __linkproc__ v2
453. @@v2:
454. movzx ax, pm32_maxpages
455.  
456. newint24h:
457. cmp ax, si
458. jbe short @@v3
459.  
460. id32_mem_free:
461. mov ax, si
462.  
463. @@v3:
464. test ax, ax
465.  
466. id32_mem_ptr:
467. jnz short @@v5
468. pushad
469.  
470. id32_mem_vcpi:
471. mov bp, sp
472.  
473. id32_process_id_minus2:
474. mov ax, 0FF88h
475. int 21h ; DOS - DOS v??? - OEM FUNCTION
476.  
477. pagetablebase_minus5: ; also id32_tsrmode - 3
478. cmp eax, 'ID32' ; also id32_spawned_id - 1
479. jnz short @@v4
480.  
481. pagetabletop:
482. mov [bp+1Ch], si
483.  
484. @@v4:
485. popad
486.  
487. pagetablefree:
488. @@v5:
489. cmp al, 40h ; '@'
490. jbe short phystabletop_minus2
491.  
492. phystablebase:
493. mov al, 40h ; '@'
494.  
495. phystabletop_minus2:
496. mov pagetables, al
497. add al, pm32_maxfpages
498. shl ax, 8
499. add ax, 100h+100h+0FFh+7+80h
500.  
501. _pc_intrmtopm_minus1:
502. mov bx, ax
503. mov ch, 2
504.  
505. _pc_intpmtorm:
506. jmp @@vcpi
507. ; ---------------------------------------------------------------------------
508. jmp bp
509. pm32_info endp ; sp-analysis failed
510.  
511.  
512. ; =============== S U B R O U T I N E =======================================
513.  
514. ; also _pc_irqrmtopm
515.  
516. cpu_detect proc near
517. cli
518. mov cl, 2
519. pushf
520.  
521. _pc_irqpmtorm:
522. pop ax
523. or ax, 0F000h
524.  
525. loc_102F4:
526. push ax
527. popf
528. pushf
529. pop ax
530.  
531. _pc_irqcbpmtorm:
532. and ax, 0F000h
533.  
534. _pc_cbrmtopm: ; also _pc_cbpmtorm-1
535. jnz short @@1
536. jmp short @@x1
537. ; ---------------------------------------------------------------------------
538.  
539. ; __linkproc__ 1
540. @@1: ; also _pc_cbpmtorm-1
541. inc cl
542. pushfd
543.  
544. pmstacklen_minus1:
545. pop eax
546. mov edx, eax
547.  
548. pmstackbase_and_top:
549. xor eax, 40000h
550. push eax
551.  
552. pmstacktop2:
553. popfd
554. pushfd
555.  
556. rmstacklen:
557. pop eax
558.  
559. rmstackbase_and_top:
560. xor eax, edx
561.  
562. rmstacktop2:
563. jnz short @@2
564. jmp short @@x1
565. ; ---------------------------------------------------------------------------
566.  
567. @@2:
568. inc cl
569. push edx
570. popfd
571.  
572. rmstackesp:
573. pushfd
574. pushfd
575.  
576. rmstackss:
577. pop eax
578. mov edx, eax
579.  
580. callbackbase_and_seg:
581. xor eax, 200000h
582. push eax
583.  
584. irqcallbackptr:
585. popfd
586.  
587. oldNMI:
588. pushfd
589. pop eax
590.  
591. newNMI:
592. xor eax, edx
593. jnz short @@3
594. jmp short @@x2
595. ; ---------------------------------------------------------------------------
596.  
597. @@3:
598. xor eax, eax
599. cpuid
600. mov cpuidlvl, eax
601. mov eax, 1
602. cpuid
603. and ah, 0Fh
604. mov cl, ah
605.  
606. @@x2:
607. popfd
608. xor eax, eax
609. xor edx, edx
610.  
611. @@x1:
612. mov al, cl
613. mov cputype, al
614. sti
615. retn
616. cpu_detect endp
617.  
618.  
619. ; =============== S U B R O U T I N E =======================================
620.  
621. ; Attributes: bp-based frame fpd=4
622.  
623. fpu_detect proc near
624.  
625. _fpu_type = word ptr -4
626. _control_word = word ptr -2
627.  
628. push large 0
629. mov bp, sp
630. fninit
631. fnstcw [bp+4+_control_word]
632. mov ax, [bp+4+_control_word]
633. cmp ah, 3
634. jnz short loc_103C7
635. mov [bp+4+_fpu_type], 1
636. and [bp+4+_control_word], 0FF7Fh
637. wait
638. fldcw [bp+4+_control_word]
639. fdisi
640. fstcw [bp+4+_control_word]
641. wait
642. test [bp+4+_control_word], 80h
643. jnz short loc_103C7
644. mov [bp+4+_fpu_type], 2
645. fninit
646. wait
647. fld1
648. wait
649. fldz
650. wait
651. fdivp st(1), st
652. wait
653. fld st
654. wait
655. fchs
656. wait
657. fcompp
658. fstsw ax
659. fclex
660. wait
661. sahf
662. jz short loc_103C7
663. mov [bp+4+_fpu_type], 3
664. mov al, cputype
665. cmp al, 4
666. jb short loc_103C7
667. mov byte ptr [bp+4+_fpu_type], al
668.  
669. loc_103C7:
670. pop eax
671. and eax, 7
672. jz short loc_103D9
673. mov cx, 8
674.  
675. loc_103D2:
676. fldz
677. loop loc_103D2
678. finit
679.  
680. loc_103D9:
681. mov fputype, al
682. retn
683. fpu_detect endp
684.  
685. ; ---------------------------------------------------------------------------
686. align 4
687.  
688. ; =============== S U B R O U T I N E =======================================
689.  
690.  
691. pm32_init_new proc far
692.  
693. ; FUNCTION CHUNK AT 0526 SIZE 0000001D BYTES
694. ; FUNCTION CHUNK AT 0550 SIZE 0000011F BYTES
695. ; FUNCTION CHUNK AT 07AF SIZE 0000047A BYTES
696.  
697. push ax ; DOS32AWE ADDITION: This seems to patch AWEUTIL
698. push bx
699. push ds
700. xor ax, ax
701. mov ds, ax
702. assume ds:nothing
703. mov ax, ds:0Ah
704. mov bx, ds:8
705. add bx, 9
706. mov ds, ax
707. assume ds:KERNEL
708. cmp dword ptr [bx], 40A861E4h
709. jnz short loc_1040E
710. cmp byte ptr [bx+4], 74h ; 't'
711. jnz short loc_1040E
712. mov dword ptr [bx], 90909090h
713. mov word ptr [bx+4], 9090h
714.  
715. loc_1040E:
716. pop ds
717. pop bx
718. pop ax ; DOS32AWE ADDITION END
719.  
720. pm32_init:
721. cld
722. pushad
723. push ds
724. push cs
725. pop ds
726. xor eax, eax
727. mov kernel_code, cs
728. mov client_version, bx
729. mov client_call, dx
730. mov ax, cs
731. shl eax, 4
732. mov codebase, eax
733. add vcpi_gdtaddx, eax
734. add vcpi_idtaddx, eax
735. add vcpistrucaddx, eax
736. btr pm32_maxextmem, 1Fh
737. push es
738. push cs
739. pop es
740. assume es:KERNEL
741. mov di, offset pm32_info ; also mem_ptr
742. mov cx, 17Eh
743. xor ax, ax
744. rep stosw
745. pop es
746. assume es:nothing
747. mov bp, sp
748. mov [bp+2], ax
749. mov ax, 0FF88h
750. int 21h ; DOS - DOS v??? - OEM FUNCTION
751. cmp eax, 'ID32'
752. jnz short loc_10490
753. mov [bp+2], bx
754. cmp bx, client_version
755. jnz short loc_10490
756. mov dword ptr id32_mem_free, ecx
757. mov dword ptr id32_mem_ptr, edx
758. mov dword ptr id32_mem_vcpi, edi
759. shr esi, 10h
760. inc si
761. mov word ptr id32_process_id_minus2+2, si
762. mov pm32_maxextmem, 0
763.  
764. loc_10490:
765. movzx bx, pmodetype
766. add bx, bx
767. jmp word ptr @@init[bx]
768. ; ---------------------------------------------------------------------------
769. @@init:
770. dw offset r_init
771. dw offset x_init
772. dw offset v_init__cbdata1B
773. dw offset d_init
774. ; ---------------------------------------------------------------------------
775.  
776. dxvr_init:
777. xor ax, ax
778. mov cx, 1
779. int 31h ; DPMI Services ax=func xxxxh
780. ; ALLOCATE LDT DESCRS
781. ; CX = number of descriptors to allocate
782. ; Return: CF set on error
783. ; CF clear if successful, AX = base selector
784. jnb short @@0
785.  
786. @@err:
787. mov ax, 4CFFh
788. int 21h ; DOS - 2+ - QUIT WITH EXIT CODE (EXIT)
789. ; AL = exit code
790. ; ---------------------------------------------------------------------------
791.  
792. @@0:
793. mov bp, sp
794. mov bx, ax
795. mov ax, 7
796. mov dx, [bp+24h]
797. mov cx, dx
798. shl dx, 4
799. shr cx, 0Ch
800. int 31h ; DPMI Services ax=func xxxxh
801. ; SET SEGMENT BASE ADDRESS
802. ; BX = selector, CX:DX = linear base address
803. ; Return: CF set on error
804. ; CF clear if successful
805. jb short @@err
806. inc ax
807. xor cx, cx
808. mov dx, 0FFFFh
809. int 31h ; DPMI Services ax=func xxxxh
810. ; SET SEGMENT LIMIT
811. ; BX = selector, CX:DX = segment limit
812. ; Return: CF set on error
813. ; CF clear if successful
814. jb short @@err
815. inc ax
816. mov dx, cs
817. lar cx, dx
818. shr cx, 8
819. int 31h ; DPMI Services ax=func xxxxh
820. ; SET DESCRIPTOR ACCESS RIGHTS
821. ; BX = selector, CL = access rights/type byte
822. ; CH = 80386 extended rights/type byte (32-bit DPMI implementations only)
823. ; Return: CF set on error
824. ; CF clear if successful
825. jb short @@err
826. mov [bp+24h], bx
827. cmp cs:pmodetype, 3
828. jz short @@1_dxvr
829. push ds
830. mov ds, cs:seldata
831. mov client_call+2, bx
832. pop ds
833.  
834. @@1_dxvr:
835. xor bx, bx
836.  
837. init_done:
838. mov [bp+1Eh], bx
839. jb short @@1_id
840. mov eax, dword ptr cs:mem_free
841. mov edx, dword ptr cs:pm32_info ; also mem_ptr
842. mov [bp+1Ah], eax
843. mov [bp+16h], edx
844. or eax, edx
845. jnz short @@1_id
846. call init_done_id32
847.  
848. @@1_id:
849. pop ds
850. popad
851. mov bx, cs
852. mov si, word ptr cs:id32_process_id_minus2+2
853. cld
854. retf
855. pm32_init_new endp ; sp-analysis failed
856.  
857.  
858. ; =============== S U B R O U T I N E =======================================
859.  
860.  
861. init_done_id32 proc near
862. cmp cs:pmodetype, 3
863. jz short locret_10585
864. mov ds, cs:seldata
865. cmp word ptr id32_process_id_minus2+2, 0
866. jz short locret_10585
867. mov eax, dword ptr id32_mem_free
868. mov edx, dword ptr id32_mem_ptr
869. mov [bp+1Ah], eax
870. mov [bp+16h], edx
871. mov dword ptr mem_free, eax
872. mov dword ptr pm32_info, edx ; also mem_ptr
873. lea ecx, [eax+10h]
874. lea eax, [ecx+edx]
875. mov dword ptr mem_top_minus1+1, eax
876. mov al, pmodetype
877. cmp al, 0
878. jz short locret_10585
879. cmp al, 1
880. jz short locret_10585
881. push es
882.  
883. loc_1056A:
884. mov esi, dword ptr id32_mem_vcpi
885. mov edi, dword ptr pagetablefree
886. mov es, selzero
887. mov ds, selzero
888. shr ecx, 0Ch
889. rep movs dword ptr es:[edi], dword ptr [esi]
890. pop es
891.  
892. locret_10585:
893. retn
894. init_done_id32 endp
895.  
896. ; ---------------------------------------------------------------------------
897. ; START OF FUNCTION CHUNK FOR pm32_init_new
898.  
899. d_init:
900. pop ds
901. mov ax, 1
902. call cs:dpmiepmode
903. push ds
904. jnb dxvr_init
905. mov bx, 6
906. cmp ax, 8011h
907. stc
908. jz init_done
909. dec bx
910. jmp init_done
911. ; END OF FUNCTION CHUNK FOR pm32_init_new
912. ; ---------------------------------------------------------------------------
913. align 10h
914. ; START OF FUNCTION CHUNK FOR pm32_init_new
915.  
916. v_init__cbdata1B:
917. xor eax, eax
918. mov ax, es
919. add ax, 0FFh
920. xor al, al
921. mov es, ax
922. assume es:nothing
923. mov dx, ax
924. shl eax, 4
925. add eax, 1000h
926. mov dword ptr pagetablebase_minus5+5, eax ; also id32_tsrmode - 3
927. ; also id32_spawned_id - 1
928. add eax, 1000h
929. movzx ecx, pagetables
930. shl ecx, 0Ch
931. add eax, ecx
932.  
933. cbdata1Ch:
934. mov dword ptr pagetabletop+1, eax
935. mov dword ptr phystablebase, eax
936. movzx ecx, pm32_maxfpages
937. shl ecx, 0Ch
938. add eax, ecx
939. mov dword ptr phystabletop_minus2+2, eax
940. xor di, di
941. xor eax, eax
942. mov cx, 800h
943. rep stosd
944. mov gs, dx
945. assume gs:nothing
946. mov ax, dx
947. add ax, 100h
948. mov es, ax
949. assume es:nothing
950. mov fs, ax
951. assume fs:nothing
952. sub sp, 18h
953. mov si, sp
954.  
955. cbdata23h:
956. xor di, di
957. push ds
958. push ss
959. pop ds
960. mov ax, 0DE01h
961. int 67h ; - LIM EMS Program Interface - GET PROTECTED MODE INTERFACE
962. ; ES:DI -> 4K page table buffer
963. ; DS:SI -> three descriptor table entries in GDT
964. ; Return: AH = 00h successful, AH = nonzero failed
965. pop ds
966. push di
967. mov vcpi_calleip, ebx
968.  
969. @@1_v:
970. and byte ptr es:[di+1], 0F1h
971. sub di, 4
972. jnb short @@1_v
973. mov cx, dx
974. shr cx, 8
975. mov ax, 0DE06h
976. int 67h ; - LIM EMS Program Interface - GET PHYS ADDR OF PAGE IN FIRST MB
977. ; CX = page number (linear address shifted right 12 bits)
978. ; Return: AH = 00h successful, EDX = physical address of page
979. ; AH nonzero: invalid page number (AH = 8Bh recommended)
980. and dx, 0F000h
981. mov vcpi_cr3, edx
982. mov cx, es
983. shr cx, 8
984.  
985. cbdata24:
986. mov ax, 0DE06h
987. int 67h ; - LIM EMS Program Interface - GET PHYS ADDR OF PAGE IN FIRST MB
988. ; CX = page number (linear address shifted right 12 bits)
989. ; Return: AH = 00h successful, EDX = physical address of page
990. ; AH nonzero: invalid page number (AH = 8Bh recommended)
991. and dh, 0F0h
992. mov dl, 7
993. mov gs:0, edx
994. mov ax, es
995. add ax, 100h
996. mov es, ax
997. assume es:nothing
998. mov si, ax
999. mov al, pagetables
1000. mov ebx, 1
1001. call vcpi_setup_pagetables
1002. mov ax, gs
1003. add ax, 80h ; '€'
1004. mov gs, ax
1005. assume gs:nothing
1006. mov al, pm32_maxfpages
1007. xor ebx, ebx
1008. call vcpi_setup_pagetables
1009. pop di
1010. xor eax, eax
1011. test pm32_mode, 4
1012. jnz short @@2_v
1013. mov di, 1000h
1014.  
1015. @@2_v:
1016. mov ax, di
1017. add eax, dword ptr pagetablebase_minus5+5 ; also id32_tsrmode - 3
1018. ; also id32_spawned_id - 1
1019. mov dword ptr pagetablefree, eax
1020. push si
1021. push es
1022. call vcpi_alloc_ems
1023. pop es
1024. assume es:nothing
1025. pop si
1026. push si
1027. xor di, di
1028. mov cx, 34h ; '4'
1029. xor ax, ax
1030. rep stosw
1031. mov eax, vcpi_cr3
1032. mov es:1Ch, eax
1033.  
1034. loc_106AE:
1035. mov dword ptr es:64h, 680000h
1036. add si, 7
1037. mov es, si
1038. mov rmtopmswrout, offset v_rmtopmsw
1039. mov pmtormswrout, offset v_pmtormsw
1040. jmp vxr_init
1041. ; END OF FUNCTION CHUNK FOR pm32_init_new
1042.  
1043. ; =============== S U B R O U T I N E =======================================
1044.  
1045.  
1046. vcpi_setup_pagetables proc near
1047. push bp
1048. movzx bp, al
1049. test bp, bp
1050. jz short loc_10705
1051.  
1052. loc_106D7:
1053. mov cx, si
1054. shr cx, 8
1055. mov ax, 0DE06h
1056. int 67h ; - LIM EMS Program Interface - GET PHYS ADDR OF PAGE IN FIRST MB
1057. ; CX = page number (linear address shifted right 12 bits)
1058. ; Return: AH = 00h successful, EDX = physical address of page
1059. ; AH nonzero: invalid page number (AH = 8Bh recommended)
1060. and dh, 0F0h
1061. mov dl, 7
1062. mov gs:0[ebx*4], edx
1063. add si, 100h
1064. mov es, si
1065. xor di, di
1066. xor eax, eax
1067. mov cx, 400h
1068. rep stosd
1069. inc bx
1070. dec bp
1071. jnz short loc_106D7
1072.  
1073. loc_10705:
1074. pop bp
1075. retn
1076. vcpi_setup_pagetables endp
1077.  
1078.  
1079. ; =============== S U B R O U T I N E =======================================
1080.  
1081.  
1082. vcpi_alloc_ems proc near
1083. push fs
1084. pop es
1085. assume es:nothing
1086. movzx eax, pagetables
1087. shl eax, 16h
1088. mov ecx, 1000h
1089. sub cx, di
1090. and cl, 0FCh
1091. shl ecx, 0Ah
1092. add eax, ecx
1093. mov ecx, pm32_maxextmem
1094. cmp ecx, eax
1095. jbe short @@0
1096. mov ecx, eax
1097.  
1098. @@0:
1099. xor ebx, ebx
1100. jecxz @@done
1101.  
1102. @@1:
1103. cmp di, 1000h
1104. jb short @@2
1105. mov ax, es
1106. add ax, 100h
1107. mov es, ax
1108. assume es:nothing
1109. xor di, di
1110.  
1111. @@2:
1112. mov ax, 0DE04h
1113. int 67h ; - LIM EMS Program Interface - ALLOCATE A 4K PAGE
1114. ; Return: AH = 00h successful, EDX = physical address of allocated page
1115. ; AH nonzero: failed
1116. test ah, ah
1117. jnz short @@3
1118. and dh, 0F0h
1119. mov dl, 7
1120. mov es:[di], edx
1121. add di, 4
1122. inc bx
1123. sub ecx, 1000h
1124. ja short @@1
1125.  
1126. @@3:
1127. mov vcpi_allocmem, bx
1128. cmp ecx, 1000h
1129. jb short loc_1077E
1130. test pm32_mode, 8
1131. jz short loc_1077E
1132. call vcpi_alloc_xms
1133.  
1134. loc_1077E:
1135. shl ebx, 0Ch
1136. jz short @@done
1137. mov dword ptr mem_free, ebx
1138. mov eax, dword ptr pagetablefree
1139. sub eax, dword ptr pagetablebase_minus5+5 ; also id32_tsrmode - 3
1140. ; also id32_spawned_id - 1
1141. shl eax, 0Ah
1142. mov dword ptr pm32_info, eax ; also mem_ptr
1143.  
1144. @@done:
1145. retn
1146. vcpi_alloc_ems endp
1147.  
1148.  
1149. ; =============== S U B R O U T I N E =======================================
1150.  
1151.  
1152. vcpi_alloc_xms proc near
1153. push ebx
1154. shr ecx, 0Ah
1155. and cl, 0FCh
1156.  
1157. @@1:
1158. mov edx, ecx
1159. jecxz @@done
1160. call xms_allocmem
1161. dec ax
1162. jz short @@2
1163. sub ecx, 4
1164. jnb short @@1
1165. jmp short @@done
1166. ; ---------------------------------------------------------------------------
1167.  
1168. @@2:
1169. mov xms_handle, dx
1170. mov ah, 0Ch
1171. call xms_call
1172. dec ax
1173. jz short @@3
1174. xor dx, dx
1175. xchg dx, xms_handle
1176. mov ah, 0Ah
1177. call xms_call
1178. jmp short @@done
1179. ; ---------------------------------------------------------------------------
1180.  
1181. @@3:
1182. shl edx, 10h
1183. mov dx, bx
1184. shr ecx, 2
1185. movzx eax, cx
1186. pop ebx
1187. add ebx, eax
1188. push ebx
1189.  
1190. @@4:
1191. cmp di, 1000h
1192. jb short @@5
1193. mov ax, es
1194. add ax, 100h
1195. mov es, ax
1196. assume es:nothing
1197. xor di, di
1198.  
1199. @@5:
1200. and dh, 0F0h
1201. mov dl, 7
1202. mov es:[di], edx
1203. add di, 4
1204. add edx, 1000h
1205. loop @@4
1206.  
1207. @@done:
1208. pop ebx
1209. retn
1210. vcpi_alloc_xms endp
1211.  
1212. ; ---------------------------------------------------------------------------
1213. ; START OF FUNCTION CHUNK FOR pm32_init_new
1214.  
1215. x_init:
1216. mov ah, 7
1217. call xms_call
1218. mov A20_state, al
1219. mov ah, 3
1220. call xms_call
1221. mov bx, 7
1222. dec ax
1223. stc
1224. jnz init_done
1225. mov eax, xms_data
1226. mov edx, pm32_maxextmem
1227. shr edx, 0Ah
1228. cmp edx, eax
1229. jbe short loc_1083C
1230. mov edx, eax
1231.  
1232. loc_1083C:
1233. mov esi, edx
1234. test edx, edx
1235. jz short loc_10876
1236. call xms_allocmem
1237. dec ax
1238. jnz short loc_10876
1239. mov xms_handle, dx
1240. mov ah, 0Ch
1241. call xms_call
1242. dec ax
1243. jz short loc_10865
1244. xor dx, dx
1245. xchg dx, xms_handle
1246. mov ah, 0Ah
1247. call xms_call
1248. jmp short loc_10876
1249. ; ---------------------------------------------------------------------------
1250.  
1251. loc_10865: ; also mem_ptr
1252. mov word ptr pm32_info, bx
1253. mov word ptr loc_100E6, dx
1254. shl esi, 0Ah
1255. mov dword ptr mem_free, esi
1256.  
1257. loc_10876:
1258. jmp xr_init
1259. ; ---------------------------------------------------------------------------
1260.  
1261. r_init:
1262. call enable_A20
1263. mov bx, 7
1264. jb init_done
1265. push es
1266. push ss
1267. pop es
1268. assume es:nothing
1269. xor eax, eax
1270. mov ebx, eax
1271. mov ecx, eax
1272. mov edi, eax
1273. sub sp, 20h
1274. mov di, sp
1275.  
1276. @@0_r:
1277. mov cl, 14h
1278. mov eax, 0E820h
1279. mov edx, 'SMAP'
1280. int 15h
1281. jb short @@noE820
1282. jcxz short @@noE820
1283. cmp eax, 'SMAP'
1284. jnz short @@noE820
1285. xor eax, eax
1286. cmp eax, es:[di+4]
1287. jnz short @@0_r
1288. cmp eax, es:[di+0Ch]
1289. jnz short @@0_r
1290. inc ax
1291. cmp eax, es:[di+10h]
1292. jnz short @@0_r
1293. mov edx, es:[di]
1294. cmp edx, 100000h
1295. jnz short @@0_r
1296. mov eax, es:[di+8]
1297. add edx, eax
1298. add sp, 20h
1299. pop es
1300. jmp short @@temper
1301. ; ---------------------------------------------------------------------------
1302.  
1303. @@noE820:
1304. add sp, 20h
1305. pop es
1306. xor bx, bx
1307. xor cx, cx
1308. xor dx, dx
1309. mov ax, 0E801h
1310. stc
1311. int 15h
1312. jb short @@noE801
1313. mov di, cx
1314. or di, dx
1315. jz short @@useE801
1316. mov ax, cx
1317. mov bx, dx
1318.  
1319. @@useE801:
1320. mov di, ax
1321. or di, bx
1322. jz short @@noE801
1323. movzx eax, ax
1324. movzx ebx, bx
1325. shl ebx, 6
1326. add eax, ebx
1327. jmp short @@calcmem
1328. ; ---------------------------------------------------------------------------
1329.  
1330. @@noE801:
1331. xor eax, eax
1332. mov ah, 88h ; 'ˆ'
1333. int 15h ; EXTENDED MEMORY - GET MEMORY SIZE (AT,XT286,PS)
1334. ; Return: AX = memory size in K
1335. test ax, ax
1336. jz short xr_init
1337.  
1338. @@calcmem:
1339. shl eax, 0Ah
1340. lea edx, [eax+100000h]
1341.  
1342. @@temper:
1343. cmp eax, pm32_maxextmem
1344. jbe short loc_1093C
1345. mov eax, pm32_maxextmem
1346.  
1347. loc_1093C:
1348. add eax, 3FFh
1349. and eax, 0FFFFFC00h
1350. sub edx, eax
1351. mov dword ptr pm32_info, edx ; also mem_ptr
1352. mov dword ptr mem_free, eax
1353. shr eax, 0Ah
1354. test eax, 0FFFF0000h
1355. jz short loc_10963
1356. or ax, 0FFFFh
1357.  
1358. loc_10963: ; also base of real mode alias table
1359. mov word ptr mem_used, ax
1360.  
1361. xr_init:
1362. mov word ptr picslave, 870h
1363. mov rmtopmswrout, offset xr_rmtopmsw
1364. mov pmtormswrout, offset xr_pmtormsw
1365.  
1366. vxr_init:
1367. call install_ints
1368. xor eax, eax
1369. mov ax, es
1370. mov idtseg, ax
1371. mov ebx, eax
1372. shl ebx, 4
1373. mov idtbase, ebx
1374. add ax, 80h ; '€'
1375. mov word ptr rmstackbase_and_top, ax
1376. movzx bx, pm32_rmstacks
1377. mov cx, pm32_rmstacklen
1378. mov word ptr rmstacklen, cx
1379. imul bx, cx
1380. add ax, bx
1381. mov word ptr rmstackbase_and_top+2, ax
1382. mov word ptr rmstacktop2+1, ax
1383. shl eax, 4
1384. mov dword ptr pmstackbase_and_top, eax
1385. movzx ebx, pm32_pmstacks
1386. movzx ecx, pm32_pmstacklen
1387. shl ecx, 4
1388. mov dword ptr pmstacklen_minus1+1, ecx
1389. imul ebx, ecx
1390. add eax, ebx
1391. mov dword ptr pmstackbase_and_top+4, eax
1392. mov dword ptr pmstacktop2, eax
1393. mov dword ptr callbackbase_and_seg, eax
1394. shr eax, 4
1395. mov word ptr callbackbase_and_seg+4, ax
1396. mov es, ax
1397. call allocate_callbacks
1398. xor eax, eax
1399. mov ax, es
1400. mov gdtseg, ax
1401. shl eax, 4
1402. mov gdtbase, eax
1403. movzx ecx, pm32_selectors
1404. lea ecx, ds:4Fh[ecx*8]
1405. mov gdtlimit, cx
1406. xor di, di
1407. inc cx
1408. shr cx, 1
1409. xor eax, eax
1410. rep stosw
1411. cmp pmodetype, 2
1412. jnz short @@f0
1413. pop ax
1414. shl eax, 4
1415. mov es:22h, eax
1416. mov byte ptr es:20h, 67h ; 'g'
1417. mov byte ptr es:25h, 89h ; '‰'
1418. add eax, 40h ; '@'
1419. mov vcpiswitchstack, eax
1420. mov di, 28h ; '('
1421. mov si, sp
1422. mov cl, 0Ch
1423. rep movs word ptr es:[di], word ptr ss:[si]
1424. add sp, 18h
1425.  
1426. @@f0:
1427. mov ax, 0FFFFh
1428. mov es:18h, ax
1429. mov es:48h, ax
1430. mov ax, 0DF92h
1431. mov es:1Dh, ax
1432. mov es:4Dh, ax
1433. mov ax, cs
1434. mov bx, 8
1435. mov cx, 0FFFFh
1436. mov dx, 109Ah
1437. call vxr_initsetdsc
1438. mov bx, 10h
1439. mov dx, 1092h
1440. call vxr_initsetdsc
1441. mov ax, 40h ; '@'
1442. mov bx, 40h ; '@'
1443. call vxr_initsetdsc
1444. mov bx, 50h ; 'P'
1445. push bx
1446. mov ax, ss
1447. mov dx, 5092h
1448. call vxr_initsetdsc
1449. mov ax, [bp+0]
1450. mov [bp+0], bx
1451. call vxr_initsetdsc
1452. push bx
1453. mov ah, 51h
1454. int 21h ; DOS - 2+ internal - GET PSP SEGMENT
1455. ; Return: BX = current PSP segment
1456. mov si, bx
1457. pop bx
1458. push ds
1459. mov ds, si
1460. assume ds:nothing
1461. mov ax, ds:2Ch
1462. test ax, ax
1463. jz short loc_10AB1
1464. mov ds:2Ch, bx
1465. call vxr_initsetdsc
1466. mov ax, si
1467.  
1468. loc_10AB1:
1469. mov cx, 0FFh
1470. call vxr_initsetdsc
1471. pop ds
1472. assume ds:KERNEL
1473. sub bx, 8
1474. mov cx, bx
1475. pop dx
1476. mov ax, 18h
1477. movzx ebx, sp
1478. mov si, 8
1479. mov edi, offset loc_10AD2
1480. jmp rmtopmswrout
1481. ; ---------------------------------------------------------------------------
1482.  
1483. loc_10AD2:
1484. cli
1485. mov edi, cs:codebase
1486. mov eax, cs:vcpi_cr3
1487. mov cr3, eax
1488. mov eax, cr0
1489. mov dword ptr oldcr0[edi], eax
1490. xor eax, eax
1491. mov cr2, eax
1492. cmp eax, cs:cpuidlvl
1493. jz short loc_10B18
1494. mov al, 1
1495. cpuid
1496. test edx, 1000000h
1497. jz short loc_10B18
1498. mov eax, cr4
1499. or ax, 200h
1500. mov cr4, eax
1501. mov eax, cr0
1502. and al, 0F9h
1503. mov cr0, eax
1504. assume ds:nothing
1505.  
1506. loc_10B18:
1507. clts
1508. mov eax, ds:54h
1509. mov dword ptr ds:(oldint15h+1)[edi], eax
1510. mov eax, ds:6Ch
1511. mov dword ptr ds:(oldint1Bh_and_1Ch+1)[edi], eax
1512. mov eax, ds:70h
1513. mov dword ptr ds:(oldint1Bh_and_1Ch+5)[edi], eax
1514. mov eax, ds:84h
1515. mov dword ptr ds:oldint21h[edi], eax
1516. mov eax, ds:8Ch
1517. mov dword ptr ds:(oldint23h_minus1+1)[edi], eax
1518. mov eax, ds:90h
1519. mov dword ptr ds:oldint24h[edi], eax
1520. mov eax, ds:0BCh
1521. mov dword ptr ds:oldint2Fh[edi], eax
1522. mov eax, ds:8 ; DOS32AWE addition
1523. mov dword ptr ds:oldNMI[edi], eax ; DOS32AWE addition
1524. mov ax, cs:kernel_code
1525. shl eax, 10h
1526. mov ax, offset int21h_rm
1527. mov ds:84h, eax
1528. mov ax, cs:kernel_code ; DOS32AWE addition
1529. shl eax, 10h ; DOS32AWE addition
1530. mov ax, offset NMI_rm ; DOS32AWE addition
1531. mov ds:8, eax ; DOS32AWE addition
1532. mov dword ptr ds:newNMI[edi], eax
1533. cmp cs:pmodetype, 0
1534. jnz short @@1
1535. cmp word ptr cs:id32_process_id_minus2+2, 0
1536. jnz short @@1
1537. mov ax, offset int15h_rm
1538. mov ds:54h, eax
1539.  
1540. @@1:
1541. push ds
1542. push es
1543. push edi
1544. push cs
1545. pop ds
1546. assume ds:KERNEL
1547. mov es, seldata
1548. assume es:nothing
1549. mov ax, 303h
1550. mov esi, offset int1Bh
1551. mov edi, offset v_init__cbdata1B
1552. int 31h ; DPMI Services ax=func xxxxh
1553. ; ALLOCATE REAL MODE CALL-BACK ADDRESS
1554. ; DS:SI=selector:offset of procedure to call
1555. ; ES:DI=selector:offset of real mode call structure
1556. ; Return: CF set on error
1557. ; CF clear if ok, CX:DX = segment:offset of real mode call address
1558. push cx
1559. push dx
1560. mov si, offset int1Ch
1561. mov di, (offset cbdata1Ch+3)
1562. int 31h ; DPMI Services ax=func xxxxh
1563. ; ALLOCATE REAL MODE CALL-BACK ADDRESS
1564. ; DS:SI=selector:offset of procedure to call
1565. ; ES:DI=selector:offset of real mode call structure
1566. ; Return: CF set on error
1567. ; CF clear if ok, CX:DX = segment:offset of real mode call address
1568. push cx
1569. push dx
1570. mov si, offset int23h
1571. mov di, (offset cbdata23h+1)
1572. int 31h ; DPMI Services ax=func xxxxh
1573. ; ALLOCATE REAL MODE CALL-BACK ADDRESS
1574. ; DS:SI=selector:offset of procedure to call
1575. ; ES:DI=selector:offset of real mode call structure
1576. ; Return: CF set on error
1577. ; CF clear if ok, CX:DX = segment:offset of real mode call address
1578. push cx
1579. push dx
1580. mov si, offset int24h
1581. mov di, offset cbdata24
1582. int 31h ; DPMI Services ax=func xxxxh
1583. ; ALLOCATE REAL MODE CALL-BACK ADDRESS
1584. ; DS:SI=selector:offset of procedure to call
1585. ; ES:DI=selector:offset of real mode call structure
1586. ; Return: CF set on error
1587. ; CF clear if ok, CX:DX = segment:offset of real mode call address
1588. push cx
1589. push dx
1590. mov ds, seldata
1591. assume ds:nothing
1592. pop large [dword ptr ds:newint24h]
1593. pop large [dword ptr ds:@@v2+1]
1594. pop large [dword ptr ds:newint1Ch+1]
1595. pop large [dword ptr ds:newint1Bh+1]
1596. pop edi
1597. pop es
1598. assume es:nothing
1599. pop ds
1600. assume ds:KERNEL
1601. xor eax, eax
1602. mov ebx, dword ptr cs:pm32_info ; also mem_ptr
1603. mov ecx, dword ptr cs:mem_free
1604. mov edx, ebx
1605. add ebx, 0Fh
1606. and bl, 0F0h
1607. mov esi, ebx
1608. sub esi, edx
1609. add esi, 10h
1610. sub ecx, esi
1611. ja short loc_10C48
1612. mov dword ptr pm32_info[edi], eax ; also mem_ptr
1613. mov dword ptr mem_free[edi], eax
1614. jmp short loc_10C85
1615. ; ---------------------------------------------------------------------------
1616.  
1617. loc_10C48:
1618. mov eax, 12345678h
1619. mov [ebx], eax
1620. mov [ebx+0Ch], eax
1621. movzx eax, word ptr id32_process_id_minus2+2
1622. mov [ebx+8], eax
1623. mov [ebx+4], ecx
1624. lea edx, [ebx+ecx+10h]
1625. mov dword ptr (mem_top_minus1+1)[edi], edx
1626. mov dword ptr pm32_info[edi], ebx ; also mem_ptr
1627. mov dword ptr mem_free[edi], ecx
1628.  
1629. loc_10C85:
1630. sti
1631. jmp dxvr_init
1632. ; END OF FUNCTION CHUNK FOR pm32_init_new
1633.  
1634. ; =============== S U B R O U T I N E =======================================
1635.  
1636.  
1637. install_ints proc near
1638. xor di, di
1639. xor ecx, ecx
1640. mov dx, word ptr picslave
1641.  
1642. loc_10C92:
1643. lea eax, (intmatrix - 0FFF80000h)[ecx*4]
1644. stosd
1645. mov eax, 8E00h
1646. mov bl, cl
1647. and bl, 0F8h
1648. test cl, 0F0h
1649. jz short loc_10CBD
1650. cmp bl, dl
1651. jz short loc_10CBD
1652. cmp bl, dh
1653. jz short loc_10CBD
1654. cmp cl, 2
1655. jz short loc_10CBD
1656. mov ax, 8F00h
1657.  
1658. loc_10CBD:
1659. stosd
1660. inc cl
1661. jnz short loc_10C92
1662. mov word ptr es:108h, offset int21h_pm
1663. mov word ptr es:188h, offset int31h_pm
1664. push ds
1665. push es
1666. push ds
1667. pop es
1668. assume es:KERNEL
1669. xor ax, ax
1670. mov ds, ax
1671. assume ds:nothing
1672. mov di, (offset irqtabrm_minus1+1)
1673. movzx si, dh
1674. shl si, 2
1675. mov cx, 8
1676. rep movsd
1677. movzx si, dl
1678. shl si, 2
1679. mov cl, 8
1680. rep movsd
1681. mov cl, 10h
1682. mov di, (offset exctabpm_minus3+3)
1683. mov ax, offset excmatrix
1684.  
1685. loc_10CFB:
1686. stosw
1687. mov word ptr es:[di+2], 8
1688. add di, 6
1689. add ax, 4
1690. loop loc_10CFB
1691. pop es
1692. assume es:nothing
1693. pop ds
1694. assume ds:KERNEL
1695. mov ax, offset irq_fail
1696. sub ax, offset irq_pastcall
1697. mov di, (offset irq_atcall+1)
1698. mov cl, 0Fh
1699.  
1700. loc_10D17:
1701. mov [di], ax
1702. sub ax, 4
1703. add di, 4
1704. loop loc_10D17
1705. movzx dx, picmaster
1706. call setup_irqs
1707. movzx dx, picslave
1708. call setup_irqs
1709. mov ax, (offset nmi_forward - 126Ch) ; DOS32AWE addition
1710. mov word ptr intmatrix_entry02_plus1+1, ax ; DOS32AWE addition
1711. cmp picmaster, 10h
1712. jnb short locret_10D44
1713. mov ax, (offset irq_normal - 12A0h)
1714. mov word ptr intmatrix_entry0F_plus1+1, ax
1715.  
1716. locret_10D44:
1717. retn
1718. install_ints endp
1719.  
1720.  
1721. ; =============== S U B R O U T I N E =======================================
1722.  
1723.  
1724. setup_irqs proc near
1725. cmp dl, 0Fh
1726. mov ax, offset irq_tester
1727. jbe short loc_10D50
1728. mov ax, offset irq_normal
1729.  
1730. loc_10D50:
1731. shl dx, 2
1732. sub ax, offset irq_pastcall
1733. sub ax, dx
1734. mov di, (offset irq_atcall+1)
1735. add di, dx
1736. mov cl, 8
1737.  
1738. loc_10D5F:
1739. mov [di], ax
1740. sub ax, 4
1741. add di, 4
1742. loop loc_10D5F
1743. retn
1744. setup_irqs endp
1745.  
1746.  
1747. ; =============== S U B R O U T I N E =======================================
1748.  
1749.  
1750. allocate_callbacks proc near
1751. movzx cx, pm32_callbacks
1752. jcxz short locret_10DB1
1753. xor di, di
1754. mov ax, 6866h
1755. mov dx, kernel_code
1756. push ds
1757. push es
1758. pop ds
1759.  
1760. loc_10D7D:
1761. mov word ptr [di], 6066h
1762. mov [di+2], ah
1763. mov word ptr [di+3], 0
1764. mov [di+5], ax
1765. mov byte ptr [di+0Bh], 0B9h ; '¹'
1766. mov [di+0Eh], ax
1767. mov byte ptr [di+14h], 0EAh ; 'ê'
1768. mov word ptr [di+15h], offset callback
1769. mov [di+17h], dx
1770. add di, 19h
1771. loop loc_10D7D
1772. pop ds
1773. add di, 0Fh
1774. shr di, 4
1775. mov ax, es
1776. add ax, di
1777. mov es, ax
1778. assume es:nothing
1779.  
1780. locret_10DB1:
1781. retn
1782. allocate_callbacks endp
1783.  
1784.  
1785. ; =============== S U B R O U T I N E =======================================
1786.  
1787.  
1788. vxr_initsetdsc proc near
1789. push ax
1790. movzx eax, ax
1791. shl eax, 4
1792. mov es:[bx], cx
1793. mov es:[bx+2], eax
1794. mov es:[bx+5], dx
1795. add bx, 8
1796. pop ax
1797. retn
1798. vxr_initsetdsc endp
1799.  
1800.  
1801. ; =============== S U B R O U T I N E =======================================
1802.  
1803.  
1804. xms_allocmem proc near
1805. push edi
1806. mov edi, edx
1807. mov ah, 89h ; '‰'
1808. call xms_call
1809. cmp ax, 1
1810. jz short loc_10DE4
1811. mov dx, di
1812. mov ah, 9
1813. call xms_call
1814.  
1815. loc_10DE4:
1816. pop edi
1817. retn
1818. xms_allocmem endp
1819.  
1820.  
1821. ; =============== S U B R O U T I N E =======================================
1822.  
1823.  
1824. int21h_pm proc near
1825. cmp ah, 4Ch ; 'L'
1826. jnz short @@done
1827. cli
1828. cld
1829. push ax
1830. mov ds, cs:seldata
1831. assume ds:nothing
1832. mov es, word ptr ds:2Ch
1833. assume es:nothing, ds:KERNEL
1834. mov eax, dword ptr oldcr0
1835. mov cr0, eax
1836. mov eax, dword ptr oldint1Bh_and_1Ch+1
1837. mov es:6Ch, eax
1838. mov eax, dword ptr oldNMI ; DOS32AWE ADDITION
1839. mov es:8, eax ; DOS32AWE ADDITION
1840. mov eax, dword ptr oldint1Bh_and_1Ch+5
1841. mov es:70h, eax
1842. mov eax, dword ptr oldint21h
1843. mov es:84h, eax
1844. mov eax, dword ptr oldint23h_minus1+1
1845. mov es:8Ch, eax
1846. mov eax, dword ptr oldint24h
1847. mov es:90h, eax
1848. mov eax, dword ptr oldint2Fh
1849. mov es:0BCh, eax
1850. call mem_dealloc
1851. movzx bx, pmodetype
1852. add bx, bx
1853. call word ptr @@exit[bx]
1854. pop ax
1855.  
1856. @@done:
1857. jmp intmatrix_entry21
1858. ; ---------------------------------------------------------------------------
1859. @@exit:
1860. dw offset r_exit
1861. dw offset x_exit
1862. dw offset v_exit
1863. dw offset d_exit
1864. int21h_pm endp ; sp-analysis failed
1865.  
1866.  
1867. ; =============== S U B R O U T I N E =======================================
1868.  
1869.  
1870. mem_dealloc proc near
1871. cmp word ptr id32_process_id_minus2+2, 0
1872. jz short locret_10E9F
1873. mov esi, dword ptr pm32_info ; also mem_ptr
1874. mov eax, dword ptr mem_free
1875. or eax, esi
1876. jz short locret_10E9F
1877.  
1878. @@1:
1879. mov eax, es:[esi+4]
1880. mov edx, es:[esi+8]
1881. btr eax, 1Fh
1882. cmp edx, dword ptr id32_process_id_minus2+2
1883. jnz short @@2
1884. mov es:[esi+4], eax
1885.  
1886. @@2:
1887. lea esi, [esi+eax+10h]
1888. cmp esi, dword ptr mem_top_minus1+1
1889. jb short @@1
1890. push ds
1891. push es
1892. pop ds
1893. call int31_linkfreeblocks
1894. pop ds
1895.  
1896. locret_10E9F:
1897. retn
1898. mem_dealloc endp
1899.  
1900.  
1901. ; =============== S U B R O U T I N E =======================================
1902.  
1903.  
1904. r_exit proc near
1905. mov eax, dword ptr oldint15h+1
1906. mov es:54h, eax
1907. retn
1908. r_exit endp
1909.  
1910.  
1911. ; =============== S U B R O U T I N E =======================================
1912.  
1913.  
1914. x_exit proc near
1915. call xms_dealloc
1916. mov ah, A20_state
1917. and ah, 1
1918. xor ah, 1
1919. add ah, 3
1920. jmp short xms_call_pm
1921. x_exit endp
1922.  
1923.  
1924. ; =============== S U B R O U T I N E =======================================
1925.  
1926.  
1927. v_exit proc near
1928. mov cx, vcpi_allocmem
1929. mov esi, dword ptr pagetablefree
1930. jcxz short xms_dealloc
1931.  
1932. loc_10EC7:
1933. mov edx, es:[esi]
1934. add esi, 4
1935. and dx, 0F000h
1936. mov ax, 0DE05h
1937. call large [fword ptr vcpi_calleip]
1938. loop loc_10EC7
1939. mov eax, vcpi_cr3
1940. mov cr3, eax
1941. v_exit endp ; sp-analysis failed
1942.  
1943.  
1944. ; =============== S U B R O U T I N E =======================================
1945.  
1946.  
1947. xms_dealloc proc near
1948. mov dx, xms_handle
1949. test dx, dx
1950. jz short d_exit
1951. mov ah, 0Dh
1952. call xms_call_pm
1953. mov ah, 0Ah
1954. xms_dealloc endp ; sp-analysis failed
1955.  
1956.  
1957. ; =============== S U B R O U T I N E =======================================
1958.  
1959.  
1960. xms_call_pm proc near
1961.  
1962. var_1E = word ptr -1Eh
1963. var_16 = word ptr -16h
1964. var_12 = word ptr -12h
1965. var_8 = dword ptr -8
1966. var_4 = dword ptr -4
1967.  
1968. push ss
1969. pop es
1970. sub esp, 32h
1971. mov edi, esp
1972. xor ecx, ecx
1973. mov [esp+32h+var_1E], dx
1974. mov [esp+32h+var_16], ax
1975. mov eax, xms_call
1976. mov [esp+32h+var_12], cx
1977. mov [esp+32h+var_4], ecx
1978. mov [esp+32h+var_8], eax
1979. xor bx, bx
1980. mov ax, 301h
1981. int 31h ; DPMI Services ax=func xxxxh
1982. ; CALL REAL MODE PROC WITH FAR RET FRAME
1983. ; CX = number of words to copy from protected mode to real mode stack
1984. ; ES:DI / ES:EDI = selector:offset of real mode call structure
1985. ; Return: CF set on error
1986. ; CF clear if successful
1987. add esp, 32h
1988.  
1989. d_exit:
1990. retn
1991. xms_call_pm endp
1992.  
1993.  
1994. ; =============== S U B R O U T I N E =======================================
1995.  
1996.  
1997. NMI_rm proc far
1998. push ax ; DOS32AWE ADDITION BEGIN
1999. pushf
2000. call dword ptr cs:oldNMI
2001. xor al, al
2002. out 70h, al ; CMOS Memory:
2003. ; used by real-time clock
2004. pop ax
2005. iret ; DOS32AWE ADDITION END
2006. NMI_rm endp
2007.  
2008.  
2009. ; =============== S U B R O U T I N E =======================================
2010.  
2011.  
2012. int15h_rm proc far
2013. cmp ah, 88h ; 'ˆ'
2014. jz short @@1
2015. cmp ax, 0E801h
2016. jz short @@err
2017. cmp ax, 0E820h
2018. jz short @@err
2019. jmp dword ptr cs:oldint15h+1
2020. ; ---------------------------------------------------------------------------
2021.  
2022. @@1:
2023. pushf
2024. call dword ptr cs:oldint15h+1
2025. sub ax, word ptr cs:mem_used ; also base of real mode alias table
2026. jnb short loc_10F5B
2027. xor ax, ax
2028.  
2029. loc_10F5B:
2030. push bp
2031. mov bp, sp
2032. and byte ptr [bp+6], 0FEh
2033. pop bp
2034. iret
2035. ; ---------------------------------------------------------------------------
2036.  
2037. @@err:
2038. push bp
2039. mov bp, sp
2040. or byte ptr [bp+6], 1
2041. pop bp
2042. iret
2043. int15h_rm endp
2044.  
2045.  
2046. ; =============== S U B R O U T I N E =======================================
2047.  
2048.  
2049. int21h_rm proc far
2050. cmp byte ptr cs:pagetablebase_minus5+3, 0 ; also id32_tsrmode - 3
2051. ; also id32_spawned_id - 1
2052. jnz short loc_10F91
2053. cmp ax, 0FF88h
2054. jz short loc_10FD6
2055. cmp byte ptr cs:pagetablebase_minus5+1, 0 ; also id32_tsrmode - 3
2056. ; also id32_spawned_id - 1
2057. jnz short loc_10F91
2058. cmp ah, 4Ch ; 'L'
2059. jz short int21h_exit
2060. cmp ah, 4Bh ; 'K'
2061. jz short int21h_spawn
2062. cmp ah, 31h ; '1'
2063. jz short int21h_tsr
2064.  
2065. loc_10F91:
2066. jmp dword ptr cs:oldint21h
2067. ; ---------------------------------------------------------------------------
2068.  
2069. int21h_exit:
2070. cli
2071. mov bp, ax
2072. mov al, 80h ; '€'
2073. out 70h, al ; CMOS Memory:
2074. ;
2075. mov ax, 10h
2076. mov cx, ax
2077. mov dx, 18h
2078. mov ebx, dword ptr cs:pmstackbase_and_top+4
2079. mov si, 8
2080. mov edi, offset @@1
2081. jmp cs:rmtopmswrout
2082. ; ---------------------------------------------------------------------------
2083.  
2084. @@1:
2085. mov ax, bp
2086. jmp int21h_pm
2087. ; ---------------------------------------------------------------------------
2088.  
2089. int21h_spawn: ; also id32_tsrmode - 3
2090. mov byte ptr cs:pagetablebase_minus5+1, 1 ; also id32_spawned_id - 1
2091. pushf
2092. call dword ptr cs:oldint21h
2093. mov byte ptr cs:pagetablebase_minus5+1, 0 ; also id32_tsrmode - 3
2094. ; also id32_spawned_id - 1
2095. pop bx
2096. pop cx
2097. pop dx
2098. push cx
2099. push bx
2100. retf
2101. ; ---------------------------------------------------------------------------
2102.  
2103. loc_10FD6:
2104. mov eax, 'ID32'
2105. movzx ebx, cs:client_version
2106. mov ecx, dword ptr cs:mem_free
2107. mov edx, dword ptr cs:pm32_info ; also mem_ptr
2108. mov si, word ptr cs:id32_process_id_minus2+2
2109. shl esi, 10h
2110. movzx si, cs:pagetables
2111. mov edi, dword ptr cs:pagetablefree
2112. iret
2113. ; ---------------------------------------------------------------------------
2114.  
2115. int21h_tsr: ; also id32_tsrmode - 3
2116. mov byte ptr cs:pagetablebase_minus5+3, 1 ; also id32_spawned_id - 1
2117. jmp dword ptr cs:oldint21h
2118. int21h_rm endp ; sp-analysis failed
2119.  
2120.  
2121. ; =============== S U B R O U T I N E =======================================
2122.  
2123.  
2124. int1Bh proc near
2125. call intold_save
2126. int 1Bh ; CTRL-BREAK KEY
2127. mov ax, 6
2128. jmp intold_restore
2129. int1Bh endp
2130.  
2131.  
2132. ; =============== S U B R O U T I N E =======================================
2133.  
2134.  
2135. int1Ch proc near
2136. call intold_save
2137. push ds
2138. mov ds, cs:selzero
2139. mov eax, dword ptr cs:oldint1Bh_and_1Ch+5
2140. assume ds:nothing
2141. mov ds:70h, eax
2142. pop ds
2143. assume ds:KERNEL
2144. int 1Ch ; CLOCK TICK
2145. push ds
2146. mov ds, cs:selzero
2147. mov eax, dword ptr cs:newint1Ch+1
2148. assume ds:nothing
2149. mov ds:70h, eax
2150. pop ds
2151. assume ds:KERNEL
2152. mov ax, 6
2153. jmp intold_restore
2154. int1Ch endp
2155.  
2156.  
2157. ; =============== S U B R O U T I N E =======================================
2158.  
2159.  
2160. int23h proc near
2161. call intold_save
2162. clc
2163. mov ebp, esp
2164. int 23h ; DOS - CONTROL "C" EXIT ADDRESS
2165. ; Return: return via RETF 2 with CF set
2166. ; DOS will abort program with errorlevel 0
2167. ; else
2168. ; interrupted DOS call continues
2169. mov esp, ebp
2170. setb ah
2171. mov al, es:[edi+20h]
2172. and al, 0FEh
2173. add al, ah
2174. mov es:[edi+20h], al
2175. mov ax, 4
2176. jmp short intold_restore
2177. int23h endp
2178.  
2179. ; ---------------------------------------------------------------------------
2180.  
2181. int24h:
2182. call intold_save
2183. push edi
2184. push large dword ptr [esi+1Ah]
2185. push large dword ptr [esi+16h]
2186. push large dword ptr [esi+12h]
2187. push large dword ptr [esi+0Eh]
2188. push large dword ptr [esi+0Ah]
2189. push large dword ptr [esi+6]
2190. mov ax, es:[edi+1Ch]
2191. mov bp, es:[edi+8]
2192. mov si, es:[edi+4]
2193. mov di, es:[edi]
2194. int 24h ; DOS - FATAL ERROR HANDLER ADDRESS
2195. ; Automatically called upon detection of unrecoverable I/O error.
2196. add esp, 18h
2197. pop edi
2198. mov es:[edi+1Ch], al
2199. mov ax, 6
2200. jmp short intold_restore
2201.  
2202. ; =============== S U B R O U T I N E =======================================
2203.  
2204.  
2205. intold_save proc near
2206. pop bp
2207. mov ax, [esi+4]
2208. mov es:[edi+20h], ax
2209. mov eax, [esi]
2210. mov es:[edi+2Ah], eax
2211. push es
2212. push edi
2213. jmp bp
2214. intold_save endp
2215.  
2216.  
2217. ; =============== S U B R O U T I N E =======================================
2218.  
2219.  
2220. intold_restore proc near
2221. pop edi
2222. pop es
2223. add es:[edi+2Eh], ax
2224. iretd
2225. intold_restore endp ; sp-analysis failed
2226.  
2227.  
2228. ; =============== S U B R O U T I N E =======================================
2229.  
2230.  
2231. enable_A20 proc near
2232. pushf
2233. cli
2234. mov al, 80h ; '€'
2235. out 70h, al ; CMOS Memory:
2236. ;
2237. call enablea20test
2238. setz al
2239. mov A20_state, al
2240. jz short @@done
2241. in al, 92h ; try PS/2 like "fast A20 gate"
2242. or al, 2
2243. jmp short $+2
2244. jmp short $+2
2245. jmp short $+2
2246. out 92h, al
2247. call enablea20test
2248. jz short @@done
2249. call enablea20kbwait
2250. jnz short loc_1110A
2251. mov al, 0D1h ; 'Ñ'
2252. out 64h, al ; AT Keyboard controller 8042.
2253. call enablea20kbwait
2254. jnz short loc_1110A
2255. mov al, 0DFh ; 'ß'
2256. out 60h, al ; AT Keyboard controller 8042.
2257. call enablea20kbwait
2258.  
2259. loc_1110A:
2260. mov cx, 800h
2261.  
2262. loc_1110D:
2263. call enablea20test
2264. jz short @@done
2265. in al, 40h ; Timer 8253-5 (AT: 8254.2).
2266. jmp short $+2
2267. jmp short $+2
2268. jmp short $+2
2269. in al, 40h ; Timer 8253-5 (AT: 8254.2).
2270. mov ah, al
2271.  
2272. loc_1111E: ; Timer 8253-5 (AT: 8254.2).
2273. in al, 40h
2274. jmp short $+2
2275. jmp short $+2
2276. jmp short $+2
2277. in al, 40h ; Timer 8253-5 (AT: 8254.2).
2278. cmp al, ah
2279. jz short loc_1111E
2280. loop loc_1110D
2281. popf
2282. stc
2283. retn
2284. ; ---------------------------------------------------------------------------
2285.  
2286. @@done:
2287. popf
2288. clc
2289. retn
2290. enable_A20 endp
2291.  
2292.  
2293. ; =============== S U B R O U T I N E =======================================
2294.  
2295.  
2296. enablea20kbwait proc near
2297. xor cx, cx
2298.  
2299. loc_11136:
2300. jmp short $+2
2301. jmp short $+2
2302. jmp short $+2
2303. in al, 64h ; AT Keyboard controller 8042.
2304. test al, 2
2305. loopne loc_11136
2306. retn
2307. enablea20kbwait endp
2308.  
2309.  
2310. ; =============== S U B R O U T I N E =======================================
2311.  
2312.  
2313. enablea20test proc near
2314. push fs
2315. push gs
2316. xor ax, ax
2317. mov fs, ax
2318. assume fs:nothing
2319. dec ax
2320. mov gs, ax
2321. assume gs:nothing
2322. mov al, fs:0
2323. mov ah, al
2324. not al
2325. xchg al, gs:10h
2326. cmp ah, fs:0
2327. mov gs:10h, al
2328. pop gs
2329. pop fs
2330. assume fs:nothing
2331. retn
2332. enablea20test endp
2333.  
2334. ; ---------------------------------------------------------------------------
2335. align 4
2336.  
2337. ; =============== S U B R O U T I N E =======================================
2338.  
2339.  
2340. v_rmtopmsw proc near
2341. pushf
2342. mov ds, cs:kernel_code
2343. pop word ptr @@v1a+1
2344. mov word ptr tempw1, ax
2345. mov al, 80h ; DOS32AWE ADDITION: block NMI & IRQ during mode switch
2346. out 70h, al ; DOS32AWE ADDITION
2347. cli ; DOS32AWE ADDITION
2348. mov word ptr tempw2_aka_tempd1+1, si
2349. mov esi, vcpistrucaddx
2350. mov ax, 0DE0Ch
2351. int 67h ; - LIM EMS Program Interface - SWITCH TO PROTECTED MODE
2352. ; ESI = linear address in first megabyte of values for system registers
2353. ; Return: interrupts disabled
2354. ; GDTR, IDTR, LDTR, TR loaded
2355.  
2356. v_rmtopmswpm:
2357. mov ss, dx
2358. mov esp, ebx
2359. mov ds, word ptr cs:tempw1
2360. assume ds:nothing
2361. mov es, cx
2362. xor ax, ax
2363. mov fs, ax
2364. assume fs:nothing
2365. mov gs, ax
2366. assume gs:nothing
2367. pushfd
2368. mov ax, word ptr cs:@@v1a+1
2369. and ah, 0Fh
2370. mov [esp], ax
2371. push large [dword ptr cs:tempw2_aka_tempd1+1]
2372. push edi
2373. xor al, al ; DOS32AWE ADDITION: unblock NMI after mode switch.
2374. out 70h, al ; DOS32AWE ADDITION: IRQs will be unblocked by IRET
2375. iretd
2376. v_rmtopmsw endp
2377.  
2378. ; ---------------------------------------------------------------------------
2379. align 4
2380.  
2381. ; =============== S U B R O U T I N E =======================================
2382.  
2383.  
2384. v_pmtormsw proc far
2385. pushf
2386. cli
2387. push ax
2388. mov al, 80h ; DOS32AWE ADDITON: block NMI during mode switch
2389. out 70h, al ; DOS32AWE ADDITION
2390. mov ds, cs:selzero
2391. assume ds:KERNEL
2392. movzx ebx, bx
2393. mov eax, cs:vcpiswitchstack
2394. movzx edx, dx
2395. mov dword ptr [eax+20h], 0
2396. movzx ecx, cx
2397. mov dword ptr [eax+1Ch], 0
2398. mov [eax+14h], ecx
2399. pop cx
2400. mov [eax+18h], ecx
2401. mov [eax+10h], edx
2402. mov [eax+0Ch], ebx
2403. mov dword ptr [eax+4], seg KERNEL
2404. mov dword ptr [eax], offset @@0
2405. pop bx
2406. mov ss, cs:selzero
2407. mov esp, eax
2408. mov ax, 0DE0Ch
2409. call large [fword ptr cs:vcpi_calleip]
2410.  
2411. @@0:
2412. push bx
2413. push si
2414. push di ; DOS32AWE possible bug:
2415. ; not unblocking NMI during real mode execution.
2416. ; might be intentional to avoid NMI handling issues, though, but is different in non-VCPI path.
2417. ; might be the cause why memory managers are incompatible
2418. ; might be intentional to prevent use with memory managers.
2419. iret
2420. v_pmtormsw endp ; sp-analysis failed
2421.  
2422. ; ---------------------------------------------------------------------------
2423. align 4
2424.  
2425. ; =============== S U B R O U T I N E =======================================
2426.  
2427. ; Attributes: noreturn
2428.  
2429. xr_rmtopmsw proc near
2430. pushfd
2431. cli
2432. push ax
2433. mov al, 80h ; DOS32AWE ADDITON: block NMI during mode switch
2434. out 70h, al ; DOS32AWE ADDITION
2435. lidt fword ptr cs:idtlimit
2436. lgdt fword ptr cs:gdtlimit
2437. mov eax, cr0
2438. or al, 1
2439. mov cr0, eax
2440. jmp far ptr loc_11249 ; uses selector 8
2441.  
2442. loc_11249:
2443. pop ds
2444. mov es, cx
2445. xor ax, ax
2446. mov fs, ax
2447. mov gs, ax
2448. pop eax
2449. mov ss, dx
2450. mov esp, ebx
2451. and ah, 0BFh
2452. push ax
2453. popf
2454. push eax
2455. push esi
2456. push edi
2457. xor al, al ; DOS32AWE ADDITON: unblock NMI after mode switch
2458. out 70h, al ; DOS32AWE ADDITION
2459. iretd
2460. xr_rmtopmsw endp
2461.  
2462. ; ---------------------------------------------------------------------------
2463. align 4
2464.  
2465. ; =============== S U B R O U T I N E =======================================
2466.  
2467.  
2468. xr_pmtormsw proc far
2469. pushf
2470. cli
2471. push ax
2472. mov al, 80h ; DOS32AWE ADDITON: block NMI during mode switch
2473. out 70h, al ; DOS32AWE ADDITION
2474. mov ds, cs:seldata
2475. assume ds:nothing
2476. pop word ptr ds:@@v1a+1
2477. pop word ptr ds:tempw1
2478. mov ax, 10h
2479. mov ds, ax
2480. mov es, ax
2481. assume es:nothing
2482. mov fs, ax
2483. assume fs:nothing
2484. mov gs, ax
2485. assume gs:nothing
2486. mov ss, ax
2487. assume ss:nothing
2488. movzx esp, bx
2489. lidt fword ptr ds:rmidtlimit
2490. mov eax, cr0
2491. and al, 0FEh
2492. mov cr0, eax
2493. jmp loc_112A3
2494.  
2495. loc_112A3:
2496. mov ss, dx
2497. assume ss:nothing
2498. mov ds, word ptr cs:@@v1a+1
2499. assume ds:KERNEL
2500. mov es, cx
2501. assume es:nothing
2502. xor ax, ax
2503. mov fs, ax
2504. assume fs:nothing
2505. mov gs, ax
2506. assume gs:nothing
2507. push word ptr cs:tempw1
2508. push si
2509. push di
2510. out 70h, al ; DOS32AWE ADDITON: unblock NMI after mode switch
2511. iret
2512. xr_pmtormsw endp ; sp-analysis failed
2513.  
2514. ; ---------------------------------------------------------------------------
2515.  
2516. prefixed_retf:
2517. db 66h
2518. retf
2519. ; ---------------------------------------------------------------------------
2520. align 4
2521.  
2522. intmatrix:
2523. push ax
2524.  
2525. irq_atcall:
2526. call int_main
2527. ; ---------------------------------------------------------------------------
2528.  
2529. irq_pastcall:
2530. push ax
2531. call int_main
2532. ; ---------------------------------------------------------------------------
2533. push ax
2534.  
2535. intmatrix_entry02_plus1:
2536. call int_main
2537. ; ---------------------------------------------------------------------------
2538. push ax
2539. call int_main
2540. ; ---------------------------------------------------------------------------
2541. push ax
2542. call int_main
2543. ; ---------------------------------------------------------------------------
2544. push ax
2545. call int_main
2546. ; ---------------------------------------------------------------------------
2547. push ax
2548. call int_main
2549. ; ---------------------------------------------------------------------------
2550. push ax
2551. call int_main
2552. ; ---------------------------------------------------------------------------
2553. push ax
2554. call int_main
2555. ; ---------------------------------------------------------------------------
2556. push ax
2557. call int_main
2558. ; ---------------------------------------------------------------------------
2559. push ax
2560. call int_main
2561. ; ---------------------------------------------------------------------------
2562. push ax
2563. call int_main
2564. ; ---------------------------------------------------------------------------
2565. push ax
2566. call int_main
2567. ; ---------------------------------------------------------------------------
2568. push ax
2569. call int_main
2570. ; ---------------------------------------------------------------------------
2571. push ax
2572. call int_main
2573. ; ---------------------------------------------------------------------------
2574. push ax
2575.  
2576. intmatrix_entry0F_plus1:
2577. call int_main
2578. ; ---------------------------------------------------------------------------
2579. push ax
2580. call int_main
2581. ; ---------------------------------------------------------------------------
2582. push ax
2583. call int_main
2584. ; ---------------------------------------------------------------------------
2585. push ax
2586. call int_main
2587. ; ---------------------------------------------------------------------------
2588. push ax
2589. call int_main
2590. ; ---------------------------------------------------------------------------
2591. push ax
2592. call int_main
2593. ; ---------------------------------------------------------------------------
2594. push ax
2595. call int_main
2596. ; ---------------------------------------------------------------------------
2597. push ax
2598. call int_main
2599. ; ---------------------------------------------------------------------------
2600. push ax
2601. call int_main
2602. ; ---------------------------------------------------------------------------
2603. push ax
2604. call int_main
2605. ; ---------------------------------------------------------------------------
2606. push ax
2607. call int_main
2608. ; ---------------------------------------------------------------------------
2609. push ax
2610. call int_main
2611. ; ---------------------------------------------------------------------------
2612. push ax
2613. call int_main
2614. ; ---------------------------------------------------------------------------
2615. push ax
2616. call int_main
2617. ; ---------------------------------------------------------------------------
2618. push ax
2619. call int_main
2620. ; ---------------------------------------------------------------------------
2621. push ax
2622. call int_main
2623. ; ---------------------------------------------------------------------------
2624. push ax
2625. call int_main
2626. ; ---------------------------------------------------------------------------
2627. push ax
2628. call int_main
2629. ; ---------------------------------------------------------------------------
2630.  
2631. intmatrix_entry21:
2632. push ax
2633. call int_main
2634. ; ---------------------------------------------------------------------------
2635. push ax
2636. call int_main
2637. ; ---------------------------------------------------------------------------
2638. push ax
2639. call int_main
2640. ; ---------------------------------------------------------------------------
2641. push ax
2642. call int_main
2643. ; ---------------------------------------------------------------------------
2644. push ax
2645. call int_main
2646. ; ---------------------------------------------------------------------------
2647. push ax
2648. call int_main
2649. ; ---------------------------------------------------------------------------
2650. push ax
2651. call int_main
2652. ; ---------------------------------------------------------------------------
2653. push ax
2654. call int_main
2655. ; ---------------------------------------------------------------------------
2656. push ax
2657. call int_main
2658. ; ---------------------------------------------------------------------------
2659. push ax
2660. call int_main
2661. ; ---------------------------------------------------------------------------
2662. push ax
2663. call int_main
2664. ; ---------------------------------------------------------------------------
2665. push ax
2666. call int_main
2667. ; ---------------------------------------------------------------------------
2668. push ax
2669. call int_main
2670. ; ---------------------------------------------------------------------------
2671. push ax
2672. call int_main
2673. ; ---------------------------------------------------------------------------
2674. push ax
2675. call int_main
2676. ; ---------------------------------------------------------------------------
2677. push ax
2678. call int_main
2679. ; ---------------------------------------------------------------------------
2680. push ax
2681. call int_main
2682. ; ---------------------------------------------------------------------------
2683. push ax
2684. call int_main
2685. ; ---------------------------------------------------------------------------
2686. push ax
2687. call int_main
2688. ; ---------------------------------------------------------------------------
2689. push ax
2690. call int_main
2691. ; ---------------------------------------------------------------------------
2692. push ax
2693. call int_main
2694. ; ---------------------------------------------------------------------------
2695. push ax
2696. call int_main
2697. ; ---------------------------------------------------------------------------
2698. push ax
2699. call int_main
2700. ; ---------------------------------------------------------------------------
2701. push ax
2702. call int_main
2703. ; ---------------------------------------------------------------------------
2704. push ax
2705. call int_main
2706. ; ---------------------------------------------------------------------------
2707. push ax
2708. call int_main
2709. ; ---------------------------------------------------------------------------
2710. push ax
2711. call int_main
2712. ; ---------------------------------------------------------------------------
2713. push ax
2714. call int_main
2715. ; ---------------------------------------------------------------------------
2716. push ax
2717. call int_main
2718. ; ---------------------------------------------------------------------------
2719. push ax
2720. call int_main
2721. ; ---------------------------------------------------------------------------
2722. push ax
2723. call int_main
2724. ; ---------------------------------------------------------------------------
2725. push ax
2726. call int_main
2727. ; ---------------------------------------------------------------------------
2728. push ax
2729. call int_main
2730. ; ---------------------------------------------------------------------------
2731. push ax
2732. call int_main
2733. ; ---------------------------------------------------------------------------
2734. push ax
2735. call int_main
2736. ; ---------------------------------------------------------------------------
2737. push ax
2738. call int_main
2739. ; ---------------------------------------------------------------------------
2740. push ax
2741. call int_main
2742. ; ---------------------------------------------------------------------------
2743. push ax
2744. call int_main
2745. ; ---------------------------------------------------------------------------
2746. push ax
2747. call int_main
2748. ; ---------------------------------------------------------------------------
2749. push ax
2750. call int_main
2751. ; ---------------------------------------------------------------------------
2752. push ax
2753. call int_main
2754. ; ---------------------------------------------------------------------------
2755. push ax
2756. call int_main
2757. ; ---------------------------------------------------------------------------
2758. push ax
2759. call int_main
2760. ; ---------------------------------------------------------------------------
2761. push ax
2762. call int_main
2763. ; ---------------------------------------------------------------------------
2764. push ax
2765. call int_main
2766. ; ---------------------------------------------------------------------------
2767. push ax
2768. call int_main
2769. ; ---------------------------------------------------------------------------
2770. push ax
2771. call int_main
2772. ; ---------------------------------------------------------------------------
2773. push ax
2774. call int_main
2775. ; ---------------------------------------------------------------------------
2776. push ax
2777. call int_main
2778. ; ---------------------------------------------------------------------------
2779. push ax
2780. call int_main
2781. ; ---------------------------------------------------------------------------
2782. push ax
2783. call int_main
2784. ; ---------------------------------------------------------------------------
2785. push ax
2786. call int_main
2787. ; ---------------------------------------------------------------------------
2788. push ax
2789. call int_main
2790. ; ---------------------------------------------------------------------------
2791. push ax
2792. call int_main
2793. ; ---------------------------------------------------------------------------
2794. push ax
2795. call int_main
2796. ; ---------------------------------------------------------------------------
2797. push ax
2798. call int_main
2799. ; ---------------------------------------------------------------------------
2800. push ax
2801. call int_main
2802. ; ---------------------------------------------------------------------------
2803. push ax
2804. call int_main
2805. ; ---------------------------------------------------------------------------
2806. push ax
2807. call int_main
2808. ; ---------------------------------------------------------------------------
2809. push ax
2810. call int_main
2811. ; ---------------------------------------------------------------------------
2812. push ax
2813. call int_main
2814. ; ---------------------------------------------------------------------------
2815. push ax
2816. call int_main
2817. ; ---------------------------------------------------------------------------
2818. push ax
2819. call int_main
2820. ; ---------------------------------------------------------------------------
2821. push ax
2822. call int_main
2823. ; ---------------------------------------------------------------------------
2824. push ax
2825. call int_main
2826. ; ---------------------------------------------------------------------------
2827. push ax
2828. call int_main
2829. ; ---------------------------------------------------------------------------
2830. push ax
2831. call int_main
2832. ; ---------------------------------------------------------------------------
2833. push ax
2834. call int_main
2835. ; ---------------------------------------------------------------------------
2836. push ax
2837. call int_main
2838. ; ---------------------------------------------------------------------------
2839. push ax
2840. call int_main
2841. ; ---------------------------------------------------------------------------
2842. push ax
2843. call int_main
2844. ; ---------------------------------------------------------------------------
2845. push ax
2846. call int_main
2847. ; ---------------------------------------------------------------------------
2848. push ax
2849. call int_main
2850. ; ---------------------------------------------------------------------------
2851. push ax
2852. call int_main
2853. ; ---------------------------------------------------------------------------
2854. push ax
2855. call int_main
2856. ; ---------------------------------------------------------------------------
2857. push ax
2858. call int_main
2859. ; ---------------------------------------------------------------------------
2860. push ax
2861. call int_main
2862. ; ---------------------------------------------------------------------------
2863. push ax
2864. call int_main
2865. ; ---------------------------------------------------------------------------
2866. push ax
2867. call int_main
2868. ; ---------------------------------------------------------------------------
2869. push ax
2870. call int_main
2871. ; ---------------------------------------------------------------------------
2872. push ax
2873. call int_main
2874. ; ---------------------------------------------------------------------------
2875. push ax
2876. call int_main
2877. ; ---------------------------------------------------------------------------
2878. push ax
2879. call int_main
2880. ; ---------------------------------------------------------------------------
2881. push ax
2882. call int_main
2883. ; ---------------------------------------------------------------------------
2884. push ax
2885. call int_main
2886. ; ---------------------------------------------------------------------------
2887. push ax
2888. call int_main
2889. ; ---------------------------------------------------------------------------
2890. push ax
2891. call int_main
2892. ; ---------------------------------------------------------------------------
2893. push ax
2894. call int_main
2895. ; ---------------------------------------------------------------------------
2896. push ax
2897. call int_main
2898. ; ---------------------------------------------------------------------------
2899. push ax
2900. call int_main
2901. ; ---------------------------------------------------------------------------
2902. push ax
2903. call int_main
2904. ; ---------------------------------------------------------------------------
2905. push ax
2906. call int_main
2907. ; ---------------------------------------------------------------------------
2908. push ax
2909. call int_main
2910. ; ---------------------------------------------------------------------------
2911. push ax
2912. call int_main
2913. ; ---------------------------------------------------------------------------
2914. push ax
2915. call int_main
2916. ; ---------------------------------------------------------------------------
2917. push ax
2918. call int_main
2919. ; ---------------------------------------------------------------------------
2920. push ax
2921. call int_main
2922. ; ---------------------------------------------------------------------------
2923. push ax
2924. call int_main
2925. ; ---------------------------------------------------------------------------
2926. push ax
2927. call int_main
2928. ; ---------------------------------------------------------------------------
2929. push ax
2930. call int_main
2931. ; ---------------------------------------------------------------------------
2932. push ax
2933. call int_main
2934. ; ---------------------------------------------------------------------------
2935. push ax
2936. call int_main
2937. ; ---------------------------------------------------------------------------
2938. push ax
2939. call int_main
2940. ; ---------------------------------------------------------------------------
2941. push ax
2942. call int_main
2943. ; ---------------------------------------------------------------------------
2944. push ax
2945. call int_main
2946. ; ---------------------------------------------------------------------------
2947. push ax
2948. call int_main
2949. ; ---------------------------------------------------------------------------
2950. push ax
2951. call int_main
2952. ; ---------------------------------------------------------------------------
2953. push ax
2954. call int_main
2955. ; ---------------------------------------------------------------------------
2956. push ax
2957. call int_main
2958. ; ---------------------------------------------------------------------------
2959. push ax
2960. call int_main
2961. ; ---------------------------------------------------------------------------
2962. push ax
2963. call int_main
2964. ; ---------------------------------------------------------------------------
2965. push ax
2966. call int_main
2967. ; ---------------------------------------------------------------------------
2968. push ax
2969. call int_main
2970. ; ---------------------------------------------------------------------------
2971. push ax
2972. call int_main
2973. ; ---------------------------------------------------------------------------
2974. push ax
2975. call int_main
2976. ; ---------------------------------------------------------------------------
2977. push ax
2978. call int_main
2979. ; ---------------------------------------------------------------------------
2980. push ax
2981. call int_main
2982. ; ---------------------------------------------------------------------------
2983. push ax
2984. call int_main
2985. ; ---------------------------------------------------------------------------
2986. push ax
2987. call int_main
2988. ; ---------------------------------------------------------------------------
2989. push ax
2990. call int_main
2991. ; ---------------------------------------------------------------------------
2992. push ax
2993. call int_main
2994. ; ---------------------------------------------------------------------------
2995. push ax
2996. call int_main
2997. ; ---------------------------------------------------------------------------
2998. push ax
2999. call int_main
3000. ; ---------------------------------------------------------------------------
3001. push ax
3002. call int_main
3003. ; ---------------------------------------------------------------------------
3004. push ax
3005. call int_main
3006. ; ---------------------------------------------------------------------------
3007. push ax
3008. call int_main
3009. ; ---------------------------------------------------------------------------
3010. push ax
3011. call int_main
3012. ; ---------------------------------------------------------------------------
3013. push ax
3014. call int_main
3015. ; ---------------------------------------------------------------------------
3016. push ax
3017. call int_main
3018. ; ---------------------------------------------------------------------------
3019. push ax
3020. call int_main
3021. ; ---------------------------------------------------------------------------
3022. push ax
3023. call int_main
3024. ; ---------------------------------------------------------------------------
3025. push ax
3026. call int_main
3027. ; ---------------------------------------------------------------------------
3028. push ax
3029. call int_main
3030. ; ---------------------------------------------------------------------------
3031. push ax
3032. call int_main
3033. ; ---------------------------------------------------------------------------
3034. push ax
3035. call int_main
3036. ; ---------------------------------------------------------------------------
3037. push ax
3038. call int_main
3039. ; ---------------------------------------------------------------------------
3040. push ax
3041. call int_main
3042. ; ---------------------------------------------------------------------------
3043. push ax
3044. call int_main
3045. ; ---------------------------------------------------------------------------
3046. push ax
3047. call int_main
3048. ; ---------------------------------------------------------------------------
3049. push ax
3050. call int_main
3051. ; ---------------------------------------------------------------------------
3052. push ax
3053. call int_main
3054. ; ---------------------------------------------------------------------------
3055. push ax
3056. call int_main
3057. ; ---------------------------------------------------------------------------
3058. push ax
3059. call int_main
3060. ; ---------------------------------------------------------------------------
3061. push ax
3062. call int_main
3063. ; ---------------------------------------------------------------------------
3064. push ax
3065. call int_main
3066. ; ---------------------------------------------------------------------------
3067. push ax
3068. call int_main
3069. ; ---------------------------------------------------------------------------
3070. push ax
3071. call int_main
3072. ; ---------------------------------------------------------------------------
3073. push ax
3074. call int_main
3075. ; ---------------------------------------------------------------------------
3076. push ax
3077. call int_main
3078. ; ---------------------------------------------------------------------------
3079. push ax
3080. call int_main
3081. ; ---------------------------------------------------------------------------
3082. push ax
3083. call int_main
3084. ; ---------------------------------------------------------------------------
3085. push ax
3086. call int_main
3087. ; ---------------------------------------------------------------------------
3088. push ax
3089. call int_main
3090. ; ---------------------------------------------------------------------------
3091. push ax
3092. call int_main
3093. ; ---------------------------------------------------------------------------
3094. push ax
3095. call int_main
3096. ; ---------------------------------------------------------------------------
3097. push ax
3098. call int_main
3099. ; ---------------------------------------------------------------------------
3100. push ax
3101. call int_main
3102. ; ---------------------------------------------------------------------------
3103. push ax
3104. call int_main
3105. ; ---------------------------------------------------------------------------
3106. push ax
3107. call int_main
3108. ; ---------------------------------------------------------------------------
3109. push ax
3110. call int_main
3111. ; ---------------------------------------------------------------------------
3112. push ax
3113. call int_main
3114. ; ---------------------------------------------------------------------------
3115. push ax
3116. call int_main
3117. ; ---------------------------------------------------------------------------
3118. push ax
3119. call int_main
3120. ; ---------------------------------------------------------------------------
3121. push ax
3122. call int_main
3123. ; ---------------------------------------------------------------------------
3124. push ax
3125. call int_main
3126. ; ---------------------------------------------------------------------------
3127. push ax
3128. call int_main
3129. ; ---------------------------------------------------------------------------
3130. push ax
3131. call int_main
3132. ; ---------------------------------------------------------------------------
3133. push ax
3134. call int_main
3135. ; ---------------------------------------------------------------------------
3136. push ax
3137. call int_main
3138. ; ---------------------------------------------------------------------------
3139. push ax
3140. call int_main
3141. ; ---------------------------------------------------------------------------
3142. push ax
3143. call int_main
3144. ; ---------------------------------------------------------------------------
3145. push ax
3146. call int_main
3147. ; ---------------------------------------------------------------------------
3148. push ax
3149. call int_main
3150. ; ---------------------------------------------------------------------------
3151. push ax
3152. call int_main
3153. ; ---------------------------------------------------------------------------
3154. push ax
3155. call int_main
3156. ; ---------------------------------------------------------------------------
3157. push ax
3158. call int_main
3159. ; ---------------------------------------------------------------------------
3160. push ax
3161. call int_main
3162. ; ---------------------------------------------------------------------------
3163. push ax
3164. call int_main
3165. ; ---------------------------------------------------------------------------
3166. push ax
3167. call int_main
3168. ; ---------------------------------------------------------------------------
3169. push ax
3170. call int_main
3171. ; ---------------------------------------------------------------------------
3172. push ax
3173. call int_main
3174. ; ---------------------------------------------------------------------------
3175. push ax
3176. call int_main
3177. ; ---------------------------------------------------------------------------
3178. push ax
3179. call int_main
3180. ; ---------------------------------------------------------------------------
3181. push ax
3182. call int_main
3183. ; ---------------------------------------------------------------------------
3184. push ax
3185. call int_main
3186. ; ---------------------------------------------------------------------------
3187. push ax
3188. call int_main
3189. ; ---------------------------------------------------------------------------
3190. push ax
3191. call int_main
3192. ; ---------------------------------------------------------------------------
3193. push ax
3194. call int_main
3195. ; ---------------------------------------------------------------------------
3196. push ax
3197. call int_main
3198. ; ---------------------------------------------------------------------------
3199. push ax
3200. call int_main
3201. ; ---------------------------------------------------------------------------
3202. push ax
3203. call int_main
3204. ; ---------------------------------------------------------------------------
3205. push ax
3206. call int_main
3207. ; ---------------------------------------------------------------------------
3208. push ax
3209. call int_main
3210. ; ---------------------------------------------------------------------------
3211. push ax
3212. call int_main
3213. ; ---------------------------------------------------------------------------
3214. push ax
3215. call int_main
3216. ; ---------------------------------------------------------------------------
3217. push ax
3218. call int_main
3219. ; ---------------------------------------------------------------------------
3220. push ax
3221. call int_main
3222. ; ---------------------------------------------------------------------------
3223. push ax
3224. call int_main
3225. ; ---------------------------------------------------------------------------
3226. push ax
3227. call int_main
3228. ; ---------------------------------------------------------------------------
3229. push ax
3230. call int_main
3231. ; ---------------------------------------------------------------------------
3232. push ax
3233. call int_main
3234. ; ---------------------------------------------------------------------------
3235. push ax
3236. call int_main
3237. ; ---------------------------------------------------------------------------
3238. push ax
3239. call int_main
3240. ; ---------------------------------------------------------------------------
3241. push ax
3242. call int_main
3243. ; ---------------------------------------------------------------------------
3244. push ax
3245. call int_main
3246. ; ---------------------------------------------------------------------------
3247. push ax
3248. call int_main
3249. ; ---------------------------------------------------------------------------
3250. push ax
3251. call int_main
3252. ; ---------------------------------------------------------------------------
3253. push ax
3254. call int_main
3255. ; ---------------------------------------------------------------------------
3256. push ax
3257. call int_main
3258. ; ---------------------------------------------------------------------------
3259. push ax
3260. call int_main
3261. ; ---------------------------------------------------------------------------
3262. push ax
3263. call int_main
3264. ; ---------------------------------------------------------------------------
3265. push ax
3266. call int_main
3267. ; ---------------------------------------------------------------------------
3268. push ax
3269. call int_main
3270. ; ---------------------------------------------------------------------------
3271. push ax
3272. call int_main
3273. ; ---------------------------------------------------------------------------
3274. push ax
3275. call int_main
3276. ; ---------------------------------------------------------------------------
3277. push ax
3278. call int_main
3279. ; ---------------------------------------------------------------------------
3280. push ax
3281. call int_main
3282. ; ---------------------------------------------------------------------------
3283. push ax
3284. call int_main
3285. ; ---------------------------------------------------------------------------
3286. push ax
3287. call int_main
3288. ; ---------------------------------------------------------------------------
3289. push ax
3290. call int_main
3291. ; ---------------------------------------------------------------------------
3292. push ax
3293. call int_main
3294. ; ---------------------------------------------------------------------------
3295. push ax
3296. call int_main
3297. ; ---------------------------------------------------------------------------
3298. push ax
3299. call int_main
3300. ; ---------------------------------------------------------------------------
3301.  
3302. std_matrix:
3303. push ax
3304. call irq_standard
3305. ; ---------------------------------------------------------------------------
3306. push ax
3307. call irq_standard
3308. ; ---------------------------------------------------------------------------
3309. push ax
3310. call irq_standard
3311. ; ---------------------------------------------------------------------------
3312. push ax
3313. call irq_standard
3314. ; ---------------------------------------------------------------------------
3315. push ax
3316. call irq_standard
3317. ; ---------------------------------------------------------------------------
3318. push ax
3319. call irq_standard
3320. ; ---------------------------------------------------------------------------
3321. push ax
3322. call irq_standard
3323. ; ---------------------------------------------------------------------------
3324. push ax
3325. call irq_standard
3326. ; ---------------------------------------------------------------------------
3327. push ax
3328. call irq_standard
3329. ; ---------------------------------------------------------------------------
3330. push ax
3331. call irq_standard
3332. ; ---------------------------------------------------------------------------
3333. push ax
3334. call irq_standard
3335. ; ---------------------------------------------------------------------------
3336. push ax
3337. call irq_standard
3338. ; ---------------------------------------------------------------------------
3339. push ax
3340. call irq_standard
3341. ; ---------------------------------------------------------------------------
3342. push ax
3343. call irq_standard
3344. ; ---------------------------------------------------------------------------
3345. push ax
3346. call irq_standard
3347. ; ---------------------------------------------------------------------------
3348. push ax
3349. call irq_standard
3350. ; ---------------------------------------------------------------------------
3351.  
3352. back_matrix:
3353. push ax
3354. call near ptr irq_callback
3355. ; ---------------------------------------------------------------------------
3356. push ax
3357. call near ptr irq_callback
3358. ; ---------------------------------------------------------------------------
3359. push ax
3360. call near ptr irq_callback
3361. ; ---------------------------------------------------------------------------
3362. push ax
3363. call near ptr irq_callback
3364. ; ---------------------------------------------------------------------------
3365. push ax
3366. call near ptr irq_callback
3367. ; ---------------------------------------------------------------------------
3368. push ax
3369. call near ptr irq_callback
3370. ; ---------------------------------------------------------------------------
3371. push ax
3372. call near ptr irq_callback
3373. ; ---------------------------------------------------------------------------
3374. push ax
3375. call near ptr irq_callback
3376. ; ---------------------------------------------------------------------------
3377. push ax
3378. call near ptr irq_callback
3379. ; ---------------------------------------------------------------------------
3380. push ax
3381. call near ptr irq_callback
3382. ; ---------------------------------------------------------------------------
3383. push ax
3384. call near ptr irq_callback
3385. ; ---------------------------------------------------------------------------
3386. push ax
3387. call near ptr irq_callback
3388. ; ---------------------------------------------------------------------------
3389. push ax
3390. call near ptr irq_callback
3391. ; ---------------------------------------------------------------------------
3392. push ax
3393. call near ptr irq_callback
3394. ; ---------------------------------------------------------------------------
3395. push ax
3396. call near ptr irq_callback
3397. ; ---------------------------------------------------------------------------
3398. push ax
3399. call near ptr irq_callback
3400. ; ---------------------------------------------------------------------------
3401.  
3402. excmatrix:
3403. push ax
3404. call exc_handler
3405. ; ---------------------------------------------------------------------------
3406. push ax
3407. call exc_handler
3408. ; ---------------------------------------------------------------------------
3409. push ax
3410. call exc_handler
3411. ; ---------------------------------------------------------------------------
3412. push ax
3413. call exc_handler
3414. ; ---------------------------------------------------------------------------
3415. push ax
3416. call exc_handler
3417. ; ---------------------------------------------------------------------------
3418. push ax
3419. call exc_handler
3420. ; ---------------------------------------------------------------------------
3421. push ax
3422. call exc_handler
3423. ; ---------------------------------------------------------------------------
3424. push ax
3425. call exc_handler
3426. ; ---------------------------------------------------------------------------
3427. push ax
3428. call exc_handler
3429. ; ---------------------------------------------------------------------------
3430. push ax
3431. call exc_handler
3432. ; ---------------------------------------------------------------------------
3433. push ax
3434. call exc_handler
3435. ; ---------------------------------------------------------------------------
3436. push ax
3437. call exc_handler
3438. ; ---------------------------------------------------------------------------
3439. push ax
3440. call exc_handler
3441. ; ---------------------------------------------------------------------------
3442. push ax
3443. call exc_handler
3444. ; ---------------------------------------------------------------------------
3445. push ax
3446. call exc_handler
3447. ; ---------------------------------------------------------------------------
3448. push ax
3449. call exc_handler
3450.  
3451. ; =============== S U B R O U T I N E =======================================
3452.  
3453.  
3454. critical_error_rm proc near
3455. cli
3456. mov ds, cs:seldata
3457. mov es, selzero
3458. mov eax, dword ptr oldint1Bh_and_1Ch+5
3459. mov es:70h, eax
3460. mov ax, word ptr rmstacktop2+1
3461. mov word ptr rmstackbase_and_top+2, ax
3462. mov ax, 8200h
3463. jmp dword ptr client_call
3464. critical_error_rm endp
3465.  
3466.  
3467. ; =============== S U B R O U T I N E =======================================
3468.  
3469.  
3470. critical_error_pm proc near
3471. cli
3472. xor ax, ax
3473. mov ds, cs:kernel_code
3474. mov es, ax
3475. assume es:nothing
3476. mov eax, dword ptr oldint1Bh_and_1Ch+5
3477. mov es:70h, eax
3478. mov eax, dword ptr pmstacktop2
3479. mov dword ptr pmstackbase_and_top+4, eax
3480. mov ebx, eax
3481. mov ax, 10h
3482. mov cx, ax
3483. mov dx, 18h
3484. mov si, 8
3485. mov edi, offset loc_117D3
3486. jmp rmtopmswrout
3487. ; ---------------------------------------------------------------------------
3488.  
3489. loc_117D3:
3490. mov ax, 8300h
3491. jmp dword ptr client_call
3492. critical_error_pm endp
3493.  
3494.  
3495. ; =============== S U B R O U T I N E =======================================
3496.  
3497.  
3498. nmi_forward proc near
3499. pop ax ; DOS32AWE ADDITION BEGIN
3500. pushad
3501. push ds
3502. push es
3503. push fs
3504. push gs
3505. mov ds, cs:seldata
3506. movzx eax, al
3507. mov dx, word ptr rmstackbase_and_top+2
3508. mov bx, word ptr rmstacklen
3509. movzx esi, dx
3510. sub dx, bx
3511. shl esi, 4
3512. cmp dx, word ptr rmstackbase_and_top
3513. jb critical_error_rm
3514. mov word ptr rmstackbase_and_top+2, dx
3515. shl bx, 4
3516. mov edi, dword ptr newNMI
3517. mov ds, selzero
3518. mov dword ptr pm32_rmstacklen, edi
3519. mov word ptr [esi-2], ss
3520. mov [esi-6], esp
3521. mov dword ptr [esi-0Ah], seg KERNEL
3522. mov word ptr [esi-0Ch], offset @@0
3523. shld esi, edi, 10h
3524. sub bx, 0Ch
3525. jmp large [cs:pmtormswrout]
3526. ; ---------------------------------------------------------------------------
3527.  
3528. @@0:
3529. cli
3530. mov ax, 10h
3531. mov cx, ax
3532. pop ebx
3533. pop dx
3534. mov si, 8
3535. mov edi, offset @@1
3536. jmp cs:rmtopmswrout
3537. ; ---------------------------------------------------------------------------
3538.  
3539. @@1:
3540. mov ax, word ptr rmstacklen
3541. add word ptr rmstackbase_and_top+2, ax
3542. mov ds, selzero
3543. pop gs
3544. assume gs:nothing
3545. pop fs
3546. assume fs:nothing
3547. pop es
3548. assume es:nothing
3549. pop ds
3550. popad
3551. pop ax
3552. iretd ; DOS32AWE ADDITION END
3553. nmi_forward endp
3554.  
3555.  
3556. ; =============== S U B R O U T I N E =======================================
3557.  
3558. ; Attributes: noreturn
3559.  
3560. int_main proc near
3561.  
3562. var_1E = byte ptr -1Eh
3563. arg_0 = word ptr 2
3564. arg_6 = word ptr 8
3565.  
3566. cli
3567. pop ax
3568. sub ax, offset irq_atcall
3569. shr ax, 2
3570. pushad
3571. push ds
3572. push es
3573. push fs
3574. push gs
3575. mov ds, cs:seldata
3576. inc dword ptr _pc_intpmtorm+1
3577. mov byte ptr @@N+1, al
3578. mov dx, word ptr rmstackbase_and_top+2
3579. mov bx, word ptr rmstacklen
3580. movzx esi, dx
3581. sub dx, bx
3582. shl esi, 4
3583. cmp dx, word ptr rmstackbase_and_top
3584. jb critical_error_rm
3585. mov word ptr rmstackbase_and_top+2, dx
3586. shl bx, 4
3587. mov es, selzero
3588. mov ds, selzero
3589. lea edi, [esi-26h]
3590. mov ecx, 8
3591. mov word ptr [esi-2], ss
3592. mov [esi-6], esp
3593. lea esi, [esp+26h+var_1E]
3594. cld
3595. rep movs dword ptr es:[edi], dword ptr ss:[esi]
3596. mov ax, [esp+26h+arg_0]
3597. mov [edi-4], ax
3598. mov si, seg KERNEL
3599. mov di, offset @@0
3600. sub bx, 26h ; '&'
3601. jmp large [cs:pmtormswrout]
3602. ; ---------------------------------------------------------------------------
3603.  
3604. @@0:
3605. popad
3606.  
3607. @@N: ; - internal hardware - DIVIDE ERROR
3608. int 0 ; Automatically called at end of DIV or IDIV operation that results in error
3609. ; or overflow. Normally set by DOS to display an error message and abort
3610. ; the program.
3611. pushad
3612. pushf
3613. cli
3614. xor eax, eax
3615. mov ebp, eax
3616. mov ax, ss
3617. shl eax, 4
3618. mov bp, sp
3619. mov ebx, [bp+22h]
3620. mov dx, [bp+26h]
3621. add ebp, eax
3622. mov ax, 18h
3623. mov cx, 10h
3624. mov si, 8
3625. mov edi, offset @@1
3626. jmp cs:rmtopmswrout
3627. ; ---------------------------------------------------------------------------
3628.  
3629. @@1:
3630. inc dword ptr es:_pc_intrmtopm_minus1+1
3631. mov ax, word ptr es:rmstacklen
3632. add word ptr es:rmstackbase_and_top+2, ax
3633. mov ax, ds:[ebp+0]
3634. and ax, 8D5h
3635. mov dx, [esp+2Ah+arg_6]
3636. and dx, not 8D5h
3637. or ax, dx
3638. mov [esp+2Ah+arg_6], ax
3639. mov eax, ebp
3640. mov edi, [eax+2]
3641. mov esi, [eax+6]
3642. mov ebp, [eax+0Ah]
3643. mov ebx, [eax+12h]
3644. mov edx, [eax+16h]
3645. mov ecx, [eax+1Ah]
3646. mov eax, [eax+1Eh]
3647. pop gs
3648. pop fs
3649. pop es
3650. pop ds
3651. add esp, 22h
3652. iretd
3653. int_main endp
3654.  
3655.  
3656. ; =============== S U B R O U T I N E =======================================
3657.  
3658.  
3659. irq_tester proc near
3660.  
3661. var_14 = dword ptr -14h
3662. var_10 = dword ptr -10h
3663. var_C = dword ptr -0Ch
3664. var_8 = dword ptr -8
3665. var_2 = word ptr -2
3666. arg_2 = dword ptr 4
3667. arg_6 = dword ptr 8
3668. arg_A = dword ptr 0Ch
3669. arg_E = dword ptr 10h
3670.  
3671. mov al, 0Bh
3672. out 20h, al ; Interrupt controller, 8259A.
3673. in al, 20h ; Interrupt controller, 8259A.
3674. test al, al
3675. jz irq_fail
3676. mov ax, [esp]
3677. sub ax, offset irq_atcall
3678. shr ax, 2
3679. mov [esp], ax
3680. and al, 7
3681. bt word ptr cs:irqset_pm_minus1+1, ax
3682. pop ax
3683. jnb short loc_119D8
3684. and al, 7
3685. shl ax, 3
3686. xchg ax, bx
3687. sub esp, 6
3688. mov [esp+4], ax
3689. mov ax, word ptr cs:(irqtab_pm_minus1+1)[bx]
3690. mov [esp], ax
3691. mov ax, word ptr cs:(irqtab_pm_minus1+3)[bx]
3692. mov [esp+4+var_2], ax
3693. mov bx, word ptr cs:irqtab_pm_plus4[bx]
3694. xchg bx, [esp+4]
3695. mov ax, [esp+6]
3696. db 66h
3697. retf
3698. irq_tester endp ; sp-analysis failed
3699.  
3700.  
3701. ; =============== S U B R O U T I N E =======================================
3702.  
3703.  
3704. irq_normal proc near
3705. pop ax
3706. sub ax, offset irq_atcall
3707. shr ax, 2
3708.  
3709. loc_119D8:
3710. pushad
3711. push ds
3712. push es
3713. push fs
3714. push gs
3715. mov ds, cs:seldata
3716. inc dword ptr _pc_irqpmtorm
3717. movzx eax, al
3718. mov dx, word ptr rmstackbase_and_top+2
3719. mov bx, word ptr rmstacklen
3720. movzx esi, dx
3721. sub dx, bx
3722. shl esi, 4
3723. cmp dx, word ptr rmstackbase_and_top
3724. jb critical_error_rm
3725. mov word ptr rmstackbase_and_top+2, dx
3726. shl bx, 4
3727. mov ds, selzero
3728. mov edi, dword ptr pm32_mode[eax*4]
3729. mov word ptr [esi-2], ss
3730. mov [esi-6], esp
3731. mov dword ptr [esi-0Ah], seg KERNEL
3732. mov word ptr [esi-0Ch], offset @irq
3733. shld esi, edi, 10h
3734. sub bx, 0Ch
3735. jmp large [cs:pmtormswrout]
3736. irq_normal endp ; sp-analysis failed
3737.  
3738.  
3739. ; =============== S U B R O U T I N E =======================================
3740.  
3741.  
3742. irq_fail proc near
3743.  
3744. var_14 = dword ptr -14h
3745. var_10 = dword ptr -10h
3746. var_C = dword ptr -0Ch
3747. var_8 = dword ptr -8
3748. var_4 = dword ptr -4
3749. arg_2 = dword ptr 4
3750. arg_6 = dword ptr 8
3751. arg_A = dword ptr 0Ch
3752. arg_E = dword ptr 10h
3753.  
3754. pop ax
3755. sub ax, offset irq_atcall
3756. shr ax, 2
3757. cmp al, 8
3758. jb @@2
3759. cmp al, 9
3760. jz short @@2
3761. cmp al, 0Eh
3762. ja short @@2
3763. sub esp, 16h
3764. mov [esp+14h+var_C], eax
3765. movzx eax, ax
3766. mov eax, dword ptr cs:exctabpm_minus3+3[eax*8]
3767. mov [esp], eax
3768. movzx eax, word ptr [esp+14h+var_C]
3769. mov eax, dword ptr cs:exctabpm_plus1+3[eax*8]
3770. mov [esp+14h+var_10], eax
3771. mov ax, [esp+16h]
3772. mov word ptr [esp+14h+var_C], ax
3773. mov ax, cs
3774. mov [esp+14h+var_8], eax
3775. mov eax, [esp+14h+arg_2]
3776. mov [esp+14h+var_4], eax
3777. mov eax, [esp+14h+arg_6]
3778. mov [esp+14h], eax
3779. mov eax, [esp+14h+arg_A]
3780. mov [esp+14h+arg_2], eax
3781. mov eax, [esp+14h+arg_E]
3782. mov [esp+14h+arg_6], eax
3783. jmp short @@run
3784. ; ---------------------------------------------------------------------------
3785.  
3786. @@2:
3787. sub esp, 1Ah
3788. mov [esp+18h+var_10], eax
3789. movzx eax, ax
3790. mov eax, dword ptr cs:exctabpm_minus3+3[eax*8]
3791. mov [esp], eax
3792. movzx eax, word ptr [esp+18h+var_10]
3793. mov eax, dword ptr cs:exctabpm_plus1+3[eax*8]
3794. mov [esp+18h+var_14], eax
3795. mov ax, [esp+1Ah]
3796. mov word ptr [esp+18h+var_10], ax
3797. mov ax, cs
3798. mov [esp+18h+var_C], eax
3799. xor eax, eax
3800. mov [esp+18h+var_8], eax
3801. mov eax, [esp+18h+arg_2]
3802. mov [esp+18h+var_4], eax
3803. mov eax, [esp+18h+arg_6]
3804. mov [esp+18h], eax
3805. mov eax, [esp+18h+arg_A]
3806. mov [esp+18h+arg_2], eax
3807.  
3808. @@run:
3809. lea eax, [esp+18h+arg_E]
3810. mov [esp+18h+arg_6], eax
3811. mov ax, ss
3812. movzx eax, ax
3813. mov [esp+18h+arg_A], eax
3814. mov ax, offset @@ret
3815. xchg eax, [esp+18h+var_10]
3816. db 66h
3817. retf
3818. ; ---------------------------------------------------------------------------
3819.  
3820. @@ret:
3821. mov [esp], eax
3822. mov eax, [esp+18h+var_C]
3823. mov [esp+18h+var_4], eax
3824. mov eax, [esp+18h+var_10]
3825. mov [esp+18h+var_8], eax
3826. mov eax, [esp+18h+var_14]
3827. mov [esp+18h+var_C], eax
3828. mov eax, [esp]
3829. add esp, 0Ch
3830. iretd
3831. irq_fail endp ; sp-analysis failed
3832.  
3833.  
3834. ; =============== S U B R O U T I N E =======================================
3835.  
3836. ; Attributes: noreturn
3837.  
3838. exc_handler proc near
3839. pop ax
3840. sub ax, (offset excmatrix+1)
3841. shr ax, 2
3842. mov ah, 81h
3843. jmp dword ptr cs:client_call
3844. exc_handler endp ; sp-analysis failed
3845.  
3846.  
3847. ; =============== S U B R O U T I N E =======================================
3848.  
3849. ; Attributes: noreturn
3850.  
3851. irq_standard proc near
3852. cli
3853. pop ax
3854. sub ax, (offset std_matrix+1)
3855. shr ax, 2
3856. pushad
3857. push ds
3858. push es
3859. push fs
3860. push gs
3861. mov ds, cs:seldata
3862. inc dword ptr _pc_irqpmtorm
3863. movzx eax, al
3864. mov dx, word ptr rmstackbase_and_top+2
3865. mov bx, word ptr rmstacklen
3866. movzx esi, dx
3867. sub dx, bx
3868. shl esi, 4
3869. cmp dx, word ptr rmstackbase_and_top
3870. jb critical_error_rm
3871. mov word ptr rmstackbase_and_top+2, dx
3872. shl bx, 4
3873. mov edi, dword ptr irqtabrm_minus1+1[eax*4]
3874. mov ds, selzero
3875. mov word ptr [esi-2], ss
3876. mov [esi-6], esp
3877. mov dword ptr [esi-0Ah], seg KERNEL
3878. mov word ptr [esi-0Ch], offset @irq
3879. shld esi, edi, 10h
3880. sub bx, 0Ch
3881. jmp large [cs:pmtormswrout]
3882. irq_standard endp
3883.  
3884.  
3885. ; =============== S U B R O U T I N E =======================================
3886.  
3887.  
3888. @irq proc near
3889. cli
3890. mov ax, 10h
3891. mov cx, ax
3892. pop ebx
3893. pop dx
3894. mov si, 8
3895. mov edi, offset loc_11C30
3896. jmp cs:rmtopmswrout
3897. ; ---------------------------------------------------------------------------
3898.  
3899. loc_11C30: ; also _pc_irqrmtopm
3900. inc dword ptr cpu_detect
3901. mov ax, word ptr rmstacklen
3902. add word ptr rmstackbase_and_top+2, ax
3903. pop gs
3904. pop fs
3905. pop es
3906. pop ds
3907. popad
3908. pop ax
3909. iretd
3910. @irq endp ; sp-analysis failed
3911.  
3912.  
3913. ; =============== S U B R O U T I N E =======================================
3914.  
3915. ; Attributes: noreturn
3916.  
3917. irq_callback proc far
3918. cli
3919. pop ax
3920. sub ax, (offset back_matrix+1)
3921. shr ax, 2
3922. pushad
3923. push ds
3924. push es
3925. push fs
3926. push gs
3927. mov ds, cs:kernel_code
3928. inc dword ptr loc_102F4
3929. mov byte ptr _pc_irqcbrmtopm+2, al ; also irqset_rm - 3
3930. mov edx, dword ptr pmstackbase_and_top+4
3931. mov ebx, edx
3932. sub edx, dword ptr pmstacklen_minus1+1
3933. cmp edx, dword ptr pmstackbase_and_top
3934. jb critical_error_pm
3935. mov dword ptr pmstackbase_and_top+4, edx
3936. mov bp, ss
3937. shl ebp, 10h
3938. mov bp, sp
3939. mov si, word ptr irqcallbackptr
3940. mov dword ptr (v_init__cbdata1B+100h)[si], esp
3941. add word ptr irqcallbackptr, 4
3942. mov ax, 8
3943. mov cx, 18h
3944. mov dx, cx
3945. mov si, ax
3946. mov edi, offset @@0
3947. jmp rmtopmswrout
3948. ; ---------------------------------------------------------------------------
3949.  
3950. @@0: ; also irqset_rm - 3
3951. movzx bx, byte ptr _pc_irqcbrmtopm+2
3952. shl bx, 3
3953. pushfd
3954. push large 8
3955. push large offset @@1
3956. jmp large fword ptr (irqtab_pm_minus1+1)[bx]
3957. ; ---------------------------------------------------------------------------
3958.  
3959. @@1:
3960. mov ax, seg KERNEL
3961. mov si, ax
3962. mov di, offset @@2
3963. mov bx, bp
3964. shr ebp, 10h
3965. mov dx, bp
3966. jmp large [cs:pmtormswrout]
3967. ; ---------------------------------------------------------------------------
3968.  
3969. @@2:
3970. inc dword ptr _pc_irqcbpmtorm
3971. mov eax, dword ptr pmstacklen_minus1+1
3972. add dword ptr pmstackbase_and_top+4, eax
3973. sub word ptr irqcallbackptr, 4
3974. mov si, word ptr irqcallbackptr
3975. mov esp, dword ptr (v_init__cbdata1B+100h)[si]
3976. pop gs
3977. pop fs
3978. pop es
3979. pop ds
3980. popad
3981. pop ax
3982. iret
3983. irq_callback endp
3984.  
3985.  
3986. ; =============== S U B R O U T I N E =======================================
3987.  
3988.  
3989. callback proc far
3990.  
3991. arg_8 = byte ptr 0Ah
3992.  
3993. mov ax, sp
3994. push ss
3995. push ax
3996. push gs
3997. push fs
3998. push ds
3999. push es
4000. pushf
4001. cli
4002. push cs
4003. pop ds
4004. inc dword ptr _pc_cbrmtopm+1
4005. mov ebp, dword ptr pmstackbase_and_top+4
4006. mov ebx, ebp
4007. sub ebx, dword ptr pmstacklen_minus1+1
4008. mov dword ptr pmstackbase_and_top+4, ebx
4009. cmp ebx, dword ptr pmstackbase_and_top
4010. jb critical_error_pm
4011. xor eax, eax
4012. mov ebx, eax
4013. mov ax, ss
4014. shl eax, 4
4015. mov bx, sp
4016. add ebx, eax
4017. mov es, gdtseg
4018. or eax, 92000000h
4019. mov es:4Ah, eax
4020. mov ax, 18h
4021. mov dx, ax
4022. mov si, 8
4023. mov edi, offset @@0
4024. jmp rmtopmswrout
4025. ; ---------------------------------------------------------------------------
4026.  
4027. @@0:
4028. mov edi, [esp+0Eh]
4029. lea esi, [esp+18h]
4030. mov ecx, 8
4031. cld
4032. rep movs dword ptr es:[edi], dword ptr [esi]
4033. mov esi, esp
4034. movs word ptr es:[edi], word ptr [esi]
4035. movs dword ptr es:[edi], dword ptr [esi]
4036. movs dword ptr es:[edi], dword ptr [esi]
4037. lods dword ptr [esi]
4038. add ax, 2Ah ; '*'
4039. mov es:[edi+4], eax
4040. mov ds, cs:selcallback
4041. assume ds:nothing
4042. sub edi, 2Ah ; '*'
4043. movzx esi, ax
4044. xchg esp, ebp
4045. pushfd
4046. db 66h
4047. push cs
4048. push large offset @@1
4049. movzx eax, word ptr [ebp+16h]
4050. push eax
4051. push large dword ptr [ebp+12h]
4052. db 66h
4053. retf
4054. ; ---------------------------------------------------------------------------
4055.  
4056. @@1:
4057. cli
4058. push es
4059. pop ds
4060. assume ds:KERNEL
4061. mov esi, edi
4062. mov es, cs:selzero
4063. movzx ebx, word ptr [esi+2Eh]
4064. movzx edx, word ptr [esi+30h]
4065. sub bx, 2Ah ; '*'
4066. mov ebp, [esi+0Ch]
4067. mov bp, bx
4068. lea edi, ds:0[edx*4]
4069. lea edi, [ebx+edi*4]
4070. mov ecx, 8
4071. cld
4072. rep movs dword ptr es:[edi], dword ptr [esi]
4073. mov eax, [esi+6]
4074. mov es:[edi], eax
4075. mov eax, [esi+0Ah]
4076. mov es:[edi+4], eax
4077. mov ax, [esi]
4078. mov es:[edi+8], ax
4079. mov ax, [esi+4]
4080. mov cx, [esi+2]
4081. mov si, seg KERNEL
4082. mov di, offset @@2
4083. jmp large [cs:pmtormswrout]
4084. ; ---------------------------------------------------------------------------
4085.  
4086. @@2: ; also _pc_cbpmtorm-1
4087. inc dword ptr cs:@@1+1
4088. mov esp, ebp
4089. mov eax, dword ptr cs:pmstacklen_minus1+1
4090. add dword ptr cs:pmstackbase_and_top+4, eax
4091. popad
4092. pop fs
4093. pop gs
4094. iret
4095. callback endp ; sp-analysis failed
4096.  
4097. ; ---------------------------------------------------------------------------
4098. int31h_tab i31_handler <300h, offset int31_0300>
4099. i31_handler <301h, offset int31_0301>
4100. i31_handler <302h, offset int31_0301>
4101. i31_handler <0, offset int31_0000>
4102. i31_handler <1, offset int31_0001>
4103. i31_handler <2, offset int31_0002>
4104. i31_handler <3, offset int31_0003>
4105. i31_handler <6, offset int31_0006>
4106. i31_handler <7, offset int31_0007>
4107. i31_handler <8, offset int31_0008>
4108. i31_handler <9, offset int31_0009>
4109. i31_handler <0Ah, offset int31_000A>
4110. i31_handler <0Bh, offset int31_000B>
4111. i31_handler <0Ch, offset int31_000C>
4112. i31_handler <0Eh, offset int31_000E>
4113. i31_handler <0Fh, offset int31_000F>
4114. i31_handler <100h, offset int31_0100>
4115. i31_handler <101h, offset int31_0101>
4116. i31_handler <102h, offset int31_0102>
4117. i31_handler <200h, offset int31_0200>
4118. i31_handler <201h, offset int31_0201>
4119. i31_handler <202h, offset int31_0202>
4120. i31_handler <203h, offset int31_0203>
4121. i31_handler <204h, offset int31_0204>
4122. i31_handler <205h, offset int31_0205>
4123. i31_handler <303h, offset int31_0303>
4124. i31_handler <304h, offset int31_0304>
4125. i31_handler <305h, offset int31_0305>
4126. i31_handler <306h, offset int31_0306>
4127. i31_handler <400h, offset int31_0400>
4128. i31_handler <500h, offset int31_0500>
4129. i31_handler <501h, offset int31_0501>
4130. i31_handler <502h, offset int31_0502>
4131. i31_handler <503h, offset int31_0503>
4132. i31_handler <50Ah, offset int31_050A>
4133. i31_handler <600h, offset int31_0600>
4134. i31_handler <601h, offset int31_0600>
4135. i31_handler <602h, offset int31_0600>
4136. i31_handler <603h, offset int31_0600>
4137. i31_handler <604h, offset int31_0604>
4138. i31_handler <702h, offset int31_0600>
4139. i31_handler <703h, offset int31_0600>
4140. i31_handler <800h, offset int31_0800>
4141. i31_handler <801h, offset int31_0801>
4142. i31_handler <900h, offset int31_0900>
4143. i31_handler <901h, offset int31_0901>
4144. i31_handler <902h, offset int31_0902>
4145. i31_handler <0A00h, offset int31_0A00>
4146. i31_handler <0E00h, offset int31_0E00>
4147. i31_handler <0E01h, offset int31_0E01>
4148. i31_handler <0EEFFh, offset int31_EEFF>
4149.  
4150. ; =============== S U B R O U T I N E =======================================
4151.  
4152.  
4153. int31h_pm proc near
4154.  
4155. var_18 = word ptr -18h
4156. var_10 = word ptr -10h
4157. var_C = word ptr -0Ch
4158. arg_6 = byte ptr 8
4159.  
4160. cli
4161. cld
4162. push ds
4163. push es
4164. push fs
4165. push gs
4166. pushad
4167. push bx
4168. mov ds, cs:seldata
4169. cmp ax, int31h_cache_fn
4170. mov bx, int31h_cache_ptr
4171. jz short loc_11F3F
4172. xor bx, bx
4173.  
4174. loc_11F22:
4175. cmp ax, word ptr int31h_tab.func[bx]
4176. jz short loc_11F34
4177. add bx, 4
4178. cmp bx, 0CCh ; 'Ì'
4179. jb short loc_11F22
4180. pop bx
4181. jmp short int31fail8001
4182. ; ---------------------------------------------------------------------------
4183.  
4184. loc_11F34:
4185. mov bx, int31h_tab.handler[bx]
4186. mov int31h_cache_fn, ax
4187. mov int31h_cache_ptr, bx
4188.  
4189. loc_11F3F:
4190. mov ds, selzero
4191. xchg bx, [esp]
4192. retn
4193. ; ---------------------------------------------------------------------------
4194.  
4195. int31fail8001:
4196. mov al, 1
4197. jmp short int31failx
4198. ; ---------------------------------------------------------------------------
4199.  
4200. int31fail8010:
4201. mov al, 10h
4202. jmp short int31failx
4203. ; ---------------------------------------------------------------------------
4204.  
4205. int31fail8011:
4206. mov al, 11h
4207. jmp short int31failx
4208. ; ---------------------------------------------------------------------------
4209.  
4210. int31fail8012:
4211. mov al, 12h
4212. jmp short int31failx
4213. ; ---------------------------------------------------------------------------
4214.  
4215. int31fail8013:
4216. mov al, 13h
4217. jmp short int31failx
4218. ; ---------------------------------------------------------------------------
4219.  
4220. int31fail8015:
4221. mov al, 15h
4222. jmp short int31failx
4223. ; ---------------------------------------------------------------------------
4224.  
4225. int31fail8016:
4226. mov al, 16h
4227. jmp short int31failx
4228. ; ---------------------------------------------------------------------------
4229.  
4230. int31fail8021:
4231. mov al, 21h ; '!'
4232. jmp short int31failx
4233. ; ---------------------------------------------------------------------------
4234.  
4235. int31fail8022:
4236. mov al, 22h ; '"'
4237. jmp short int31failx
4238. ; ---------------------------------------------------------------------------
4239.  
4240. int31fail8023:
4241. mov al, 23h ; '#'
4242. jmp short int31failx
4243. ; ---------------------------------------------------------------------------
4244.  
4245. int31fail8024:
4246. mov al, 24h ; '$'
4247. jmp short int31failx
4248. ; ---------------------------------------------------------------------------
4249.  
4250. int31fail8025:
4251. mov al, 25h ; '%'
4252.  
4253. int31failx:
4254. mov ah, 80h ; '€'
4255. mov [esp+28h+var_C], ax
4256. jmp short int31fail
4257. ; ---------------------------------------------------------------------------
4258.  
4259. int31failbx:
4260. mov [esp+28h+var_18], bx
4261. jmp short int31failax
4262. ; ---------------------------------------------------------------------------
4263.  
4264. int31failcx:
4265. mov [esp+28h+var_10], cx
4266.  
4267. int31failax:
4268. mov [esp+28h+var_C], ax
4269.  
4270. int31fail:
4271. popad
4272. pop gs
4273. pop fs
4274. pop es
4275. pop ds
4276.  
4277. int31failnopop:
4278. or [esp+arg_6], 1
4279. iretd
4280. int31h_pm endp ; sp-analysis failed
4281.  
4282. ; ---------------------------------------------------------------------------
4283.  
4284. int31okedx:
4285. mov [esp+14h], edx
4286. jmp short int31okcx
4287. ; ---------------------------------------------------------------------------
4288.  
4289. int31okdx:
4290. mov [esp+14h], dx
4291. jmp short int31okcx
4292. ; ---------------------------------------------------------------------------
4293.  
4294. int31oksinoax:
4295. mov ax, [esp+1Ch]
4296. mov [esp+4], si
4297. mov [esp], di
4298.  
4299. int31okbx:
4300. mov [esp+10h], bx
4301.  
4302. int31okcx:
4303. mov [esp+18h], cx
4304.  
4305. int31okax:
4306. mov [esp+1Ch], ax
4307.  
4308. int31ok:
4309. popad
4310. pop gs
4311. pop fs
4312. pop es
4313. pop ds
4314.  
4315. int31oknopop:
4316. and byte ptr [esp+8], 0FEh
4317. iretd
4318.  
4319. ; =============== S U B R O U T I N E =======================================
4320.  
4321.  
4322. int31testsel proc near
4323. pop bp
4324. cmp bx, cs:gdtlimit
4325. ja short int31fail8022
4326. mov edi, cs:gdtbase
4327. and ebx, 0FFF8h
4328. test byte ptr [edi+ebx+6], 10h
4329. jz int31fail8022
4330. jmp bp
4331. int31testsel endp ; sp-analysis failed
4332.  
4333.  
4334. ; =============== S U B R O U T I N E =======================================
4335.  
4336.  
4337. int31testaccess proc near
4338. pop bp
4339. test ch, 20h
4340. jnz int31fail8021
4341. test cl, 90h
4342. jz int31fail8021
4343. jnp int31fail8021
4344. test cl, 60h
4345. jnz int31fail8021
4346. test cl, 8
4347. jz short loc_1202A
4348. test cl, 2
4349. jz int31fail8021
4350. test cl, 4
4351. jnz int31fail8021
4352.  
4353. loc_1202A:
4354. jmp bp
4355. int31testaccess endp ; sp-analysis failed
4356.  
4357.  
4358. ; =============== S U B R O U T I N E =======================================
4359.  
4360.  
4361. int31_testint proc near
4362. movzx ebx, bl
4363. mov al, bl
4364. mov ah, bl
4365. and ax, 0F807h
4366. movzx esi, al
4367. cmp ah, picmaster
4368. jz short locret_1204D
4369. add si, 8
4370. cmp ah, picslave
4371. jz short locret_1204D
4372. or si, 0FFFFh
4373.  
4374. locret_1204D:
4375. retn
4376. int31_testint endp
4377.  
4378. ; ---------------------------------------------------------------------------
4379.  
4380. int31_0000:
4381. test cx, cx
4382. jz int31fail8021
4383. mov edx, cs:gdtbase
4384. movzx eax, cs:gdtlimit
4385. and al, 0F8h
4386. mov bx, cx
4387.  
4388. loc_12065:
4389. test byte ptr [edx+eax+6], 10h
4390. jnz short loc_1208E
4391. dec bx
4392. jnz short loc_12090
4393. mov ebx, eax
4394.  
4395. loc_12073:
4396. mov dword ptr [edx+ebx], 0
4397. mov dword ptr [edx+ebx+4], 109200h
4398. add bx, 8
4399. loop loc_12073
4400. jmp int31okax
4401. ; ---------------------------------------------------------------------------
4402.  
4403. loc_1208E:
4404. mov bx, cx
4405.  
4406. loc_12090:
4407. sub ax, 8
4408. cmp ax, 50h ; 'P'
4409. jnb short loc_12065
4410. jmp int31fail8011
4411. ; ---------------------------------------------------------------------------
4412.  
4413. int31_0001:
4414. mov ax, cs
4415. cmp ax, bx
4416. jz int31fail8022
4417. mov ax, ss
4418. cmp ax, bx
4419. jz int31fail8022
4420. call int31testsel
4421. xor eax, eax
4422. mov [edi+ebx], eax
4423. mov [edi+ebx+4], eax
4424. mov cx, 4
4425. lea ebp, [esp+20h]
4426.  
4427. loc_120C5:
4428. cmp [ebp+0], bx
4429. jnz short loc_120CF
4430. mov [ebp+0], ax
4431.  
4432. loc_120CF:
4433. add ebp, 2
4434. loop loc_120C5
4435. jmp int31ok
4436. ; ---------------------------------------------------------------------------
4437.  
4438. int31_0002:
4439. mov ds, cs:seldata
4440. assume ds:nothing
4441. mov cx, 10h
4442. mov si, (offset mem_used+2) ; also base of real mode alias table
4443.  
4444. loc_120E3:
4445. mov ax, [si]
4446. test ax, ax
4447. jz short loc_120F0
4448. cmp bx, [si+2]
4449. jz int31okax
4450.  
4451. loc_120F0:
4452. add si, 4
4453. loop loc_120E3
4454. mov cl, 10h
4455. mov si, 92h ; '’'
4456.  
4457. loc_120FA:
4458. cmp word ptr [si], 0
4459. jz short loc_12107
4460. add si, 4
4461. loop loc_120FA
4462. jmp int31fail8010
4463. ; ---------------------------------------------------------------------------
4464.  
4465. loc_12107:
4466. mov [si+2], bx
4467. movzx edi, bx
4468. shl edi, 4
4469. mov cl, 1
4470. xor ax, ax
4471. int 31h ; DPMI Services ax=func xxxxh
4472. ; ALLOCATE LDT DESCRS
4473. ; CX = number of descriptors to allocate
4474. ; Return: CF set on error
4475. ; CF clear if successful, AX = base selector
4476. jb int31failax
4477. mov [si], ax
4478. mov bx, ax
4479. xor cx, cx
4480. mov dx, 0FFFFh
4481. mov ax, 8
4482. int 31h ; DPMI Services ax=func xxxxh
4483. ; SET SEGMENT LIMIT
4484. ; BX = selector, CX:DX = segment limit
4485. ; Return: CF set on error
4486. ; CF clear if successful
4487. mov dx, di
4488. shr edi, 10h
4489. mov cx, di
4490. mov ax, 7
4491. int 31h ; DPMI Services ax=func xxxxh
4492. ; SET SEGMENT BASE ADDRESS
4493. ; BX = selector, CX:DX = linear base address
4494. ; Return: CF set on error
4495. ; CF clear if successful
4496. mov cx, 92h ; '’'
4497. mov ax, 9
4498. int 31h ; DPMI Services ax=func xxxxh
4499. ; SET DESCRIPTOR ACCESS RIGHTS
4500. ; BX = selector, CL = access rights/type byte
4501. ; CH = 80386 extended rights/type byte (32-bit DPMI implementations only)
4502. ; Return: CF set on error
4503. ; CF clear if successful
4504. mov ax, bx
4505. jmp int31okax
4506. ; ---------------------------------------------------------------------------
4507.  
4508. int31_0003:
4509. mov ax, 8
4510. jmp int31okax
4511. ; ---------------------------------------------------------------------------
4512.  
4513. int31_0006:
4514. call int31testsel
4515. mov dx, [edi+ebx+2]
4516. mov cl, [edi+ebx+4]
4517. mov ch, [edi+ebx+7]
4518. jmp int31okdx
4519. ; ---------------------------------------------------------------------------
4520.  
4521. int31_0007:
4522. call int31testsel
4523. mov [edi+ebx+2], dx
4524. mov [edi+ebx+4], cl
4525. mov [edi+ebx+7], ch
4526. jmp int31ok
4527. ; ---------------------------------------------------------------------------
4528.  
4529. int31_0008:
4530. call int31testsel
4531. cmp cx, 0Fh
4532. jbe short loc_1218A
4533. or dx, 0FFFh
4534. shrd dx, cx, 0Ch
4535. shr cx, 0Ch
4536. or cl, 80h
4537.  
4538. loc_1218A:
4539. mov [edi+ebx], dx
4540. and byte ptr [edi+ebx+6], 50h
4541. or [edi+ebx+6], cl
4542. jmp int31ok
4543. ; ---------------------------------------------------------------------------
4544.  
4545. int31_0009:
4546. call int31testsel
4547. call int31testaccess
4548. or ch, 10h
4549. and ch, 0D0h
4550. and byte ptr [edi+ebx+6], 0Fh
4551. or [edi+ebx+6], ch
4552. mov [edi+ebx+5], cl
4553. jmp int31ok
4554. ; ---------------------------------------------------------------------------
4555.  
4556. int31_000A:
4557. call int31testsel
4558. xor ax, ax
4559. mov cx, 1
4560. int 31h ; DPMI Services ax=func xxxxh
4561. ; ALLOCATE LDT DESCRS
4562. ; CX = number of descriptors to allocate
4563. ; Return: CF set on error
4564. ; CF clear if successful, AX = base selector
4565. jb int31fail8011
4566. push ax
4567. push ds
4568. pop es
4569. assume es:nothing
4570. movzx edi, ax
4571. mov esi, cs:gdtbase
4572. add edi, esi
4573. add esi, ebx
4574. movs dword ptr es:[edi], dword ptr [esi]
4575. lods dword ptr [esi]
4576. mov ah, 92h ; '’'
4577. stos dword ptr es:[edi]
4578. pop ax
4579. jmp int31okax
4580. ; ---------------------------------------------------------------------------
4581.  
4582. int31_000B:
4583. call int31testsel
4584. lea esi, [edi+ebx]
4585. mov edi, [esp]
4586. movs dword ptr es:[edi], dword ptr [esi]
4587. movs dword ptr es:[edi], dword ptr [esi]
4588. jmp int31ok
4589. ; ---------------------------------------------------------------------------
4590.  
4591. int31_000C:
4592. call int31testsel
4593. mov esi, [esp]
4594. mov cx, es:[esi+5]
4595. call int31testaccess
4596. push ds
4597. push es
4598. pop ds
4599. pop es
4600. assume es:nothing
4601. add edi, ebx
4602. movs dword ptr es:[edi], dword ptr [esi]
4603. lods dword ptr [esi]
4604. or al, 10h
4605. stos word ptr es:[edi]
4606. jmp int31ok
4607. ; ---------------------------------------------------------------------------
4608.  
4609. int31_000E:
4610. mov ax, 0Bh
4611. jmp short loc_1222D
4612. ; ---------------------------------------------------------------------------
4613.  
4614. int31_000F:
4615. mov ax, 0Ch
4616.  
4617. loc_1222D:
4618. test cx, cx
4619. jz int31ok
4620. mov dx, cx
4621. xor cx, cx
4622.  
4623. loc_12237:
4624. mov bx, es:[edi]
4625. add edi, 2
4626. int 31h ; DPMI Services ax=func xxxxh
4627. ; GET DESCRIPTOR
4628. ; BX = selector, ES:DI / ES:EDI -> 8-byte buffer for copy of descriptor
4629. ; Return: CF set on error
4630. ; CF clear if successful
4631. jb int31failcx
4632. add edi, 8
4633. inc cx
4634. dec dx
4635. jnz short loc_12237
4636. jmp int31ok
4637. ; ---------------------------------------------------------------------------
4638.  
4639. int31_0100:
4640. mov ah, 48h ; 'H'
4641. call int31010x_f2
4642. jb int31failbx
4643. mov dx, ax
4644. xor ax, ax
4645. mov cx, 1
4646. int 31h ; DPMI Services ax=func xxxxh
4647. ; ALLOCATE LDT DESCRS
4648. ; CX = number of descriptors to allocate
4649. ; Return: CF set on error
4650. ; CF clear if successful, AX = base selector
4651. jnb short loc_1226C
4652. mov ah, 49h ; 'I'
4653. call int31010x_f2
4654. jmp int31fail8011
4655. ; ---------------------------------------------------------------------------
4656.  
4657. loc_1226C:
4658. mov [esp+14h], ax
4659. mov [esp+1Ch], dx
4660. mov bx, ax
4661. mov cx, dx
4662. shl dx, 4
4663. shr cx, 0Ch
4664. mov ax, 7
4665. int 31h ; DPMI Services ax=func xxxxh
4666. ; SET SEGMENT BASE ADDRESS
4667. ; BX = selector, CX:DX = linear base address
4668. ; Return: CF set on error
4669. ; CF clear if successful
4670. mov cx, 92h ; '’'
4671. mov al, 9
4672. int 31h ; DPMI Services ax=func xxxxh
4673. ; SET DESCRIPTOR ACCESS RIGHTS
4674. ; BX = selector, CL = access rights/type byte
4675. ; CH = 80386 extended rights/type byte (32-bit DPMI implementations only)
4676. ; Return: CF set on error
4677. ; CF clear if successful
4678. jmp short int31010x
4679. ; ---------------------------------------------------------------------------
4680.  
4681. int31_0101:
4682. mov ah, 49h ; 'I'
4683. mov si, dx
4684. call int31010x_f1
4685. jb int31failax
4686. mov bx, si
4687. jmp int31_0001
4688. ; ---------------------------------------------------------------------------
4689.  
4690. int31_0102:
4691. mov ah, 4Ah ; 'J'
4692. mov si, dx
4693. call int31010x_f1
4694. jb int31failbx
4695. mov bx, si
4696.  
4697. int31010x:
4698. movzx edx, word ptr [esp+10h]
4699. shl edx, 4
4700. dec edx
4701. shld ecx, edx, 10h
4702. mov ax, 8
4703. int 31h ; DPMI Services ax=func xxxxh
4704. ; SET SEGMENT LIMIT
4705. ; BX = selector, CX:DX = segment limit
4706. ; Return: CF set on error
4707. ; CF clear if successful
4708. jmp int31ok
4709.  
4710. ; =============== S U B R O U T I N E =======================================
4711.  
4712.  
4713. int31010x_f1 proc near
4714. pop bp
4715. push ax
4716. push bx
4717. mov bx, dx
4718. mov ax, 6
4719. int 31h ; DPMI Services ax=func xxxxh
4720. ; GET SEGMENT BASE ADDRESS
4721. ; BX = selector
4722. ; Return: CF set on error
4723. ; CF clear if successful, CX:DX = linear base address of segment
4724. pop bx
4725. pop ax
4726. jb int31failax
4727. shrd dx, cx, 4
4728. push bp
4729. int31010x_f1 endp ; sp-analysis failed
4730.  
4731.  
4732. ; =============== S U B R O U T I N E =======================================
4733.  
4734.  
4735. int31010x_f2 proc near
4736.  
4737. var_22 = word ptr -22h
4738. var_16 = word ptr -16h
4739. var_12 = word ptr -12h
4740.  
4741. xor cx, cx
4742. push cx
4743. push cx
4744. sub esp, 0Ah
4745. push dx
4746. push cx
4747. pushad
4748. push ss
4749. pop es
4750. mov edi, esp
4751. mov bl, 21h ; '!'
4752. mov ax, 300h
4753. int 31h ; DPMI Services ax=func xxxxh
4754. ; SIMULATE REAL MODE INTERRUPT
4755. ; BL=interrupt number
4756. ; CX=number of words to copy from protected mode to real mode stack
4757. ; ES:DI / ES:EDI = selector:offset of real mode call structure
4758. ; Return: CF set on error
4759. ; CF clear if ok
4760. mov bx, [esp+32h+var_22]
4761. mov ax, [esp+32h+var_16]
4762. lea esp, [esp+32h]
4763. pop bp
4764. jb int31failax
4765. bt [esp-2+var_12], 0
4766. jmp bp
4767. int31010x_f2 endp ; sp-analysis failed
4768.  
4769. ; ---------------------------------------------------------------------------
4770.  
4771. int31_0200:
4772. movzx ebx, bl
4773. mov dx, ds:0[ebx*4]
4774. mov cx, ds:2[ebx*4]
4775. jmp int31okdx
4776. ; ---------------------------------------------------------------------------
4777.  
4778. int31_0201:
4779. mov ebp, dr7
4780. xor eax, eax
4781. mov dr7, eax
4782. movzx ebx, bl
4783. mov ds:0[ebx*4], dx
4784. mov ds:2[ebx*4], cx
4785. mov dr7, ebp
4786. jmp int31ok
4787. ; ---------------------------------------------------------------------------
4788.  
4789. int31_0202:
4790. mov ds, cs:seldata
4791. cmp bl, 20h ; ' '
4792. jnb int31fail8021
4793. xor cx, cx
4794. xor edx, edx
4795. cmp bl, 10h
4796. jnb short loc_12375
4797. movzx ebx, bl
4798. assume ds:KERNEL
4799. mov cx, word ptr exctabpm_plus1+3[ebx*8]
4800. mov edx, dword ptr exctabpm_minus3+3[ebx*8]
4801.  
4802. loc_12375:
4803. mov ax, [esp+1Ch]
4804. jmp int31okedx
4805. ; ---------------------------------------------------------------------------
4806.  
4807. int31_0203:
4808. xchg bx, cx
4809. call int31testsel
4810. xchg bx, cx
4811. mov ds, cs:seldata
4812. assume ds:nothing
4813. cmp bl, 20h ; ' '
4814. jnb int31fail8021
4815. cmp bl, 10h
4816. jnb short loc_123AA
4817. movzx ebx, bl
4818. assume ds:KERNEL
4819. mov word ptr exctabpm_plus1+3[ebx*8], cx
4820. mov dword ptr exctabpm_minus3+3[ebx*8], edx
4821.  
4822. loc_123AA:
4823. jmp int31ok
4824. ; ---------------------------------------------------------------------------
4825.  
4826. int31_0204:
4827. mov ds, cs:seldata
4828. call int31_testint
4829. jz short loc_123D2
4830.  
4831. loc_123B7:
4832. shl ebx, 3
4833. add ebx, idtbase
4834. mov ds, selzero
4835. mov edx, [ebx+4]
4836. mov dx, [ebx]
4837. mov cx, [ebx+2]
4838. jmp short loc_123FD
4839. ; ---------------------------------------------------------------------------
4840.  
4841. loc_123D2:
4842. bt word ptr irqset_pm_minus1+1, si
4843. jnb short loc_123F1
4844. test bl, 0F0h
4845. jnz short loc_123B7
4846. mov cx, word ptr irqtab_pm_plus4[esi*8]
4847. mov edx, dword ptr irqtab_pm_minus1+1[esi*8]
4848. jmp short loc_123FD
4849. ; ---------------------------------------------------------------------------
4850.  
4851. loc_123F1:
4852. mov cx, 8
4853. lea edx, ds:1660h[esi*4]
4854.  
4855. loc_123FD:
4856. mov ax, [esp+1Ch]
4857. jmp int31okedx
4858. ; ---------------------------------------------------------------------------
4859.  
4860. int31_0205:
4861. xchg bx, cx
4862. call int31testsel
4863. xchg bx, cx
4864. mov ds, cs:seldata
4865. mov es, selzero
4866. movzx ecx, cx
4867. call int31_testint
4868. jz short loc_12457
4869. cmp bl, 1Bh
4870. jz setpmint_1B
4871. cmp bl, 1Ch
4872. jz setpmint_1C
4873. cmp bl, 23h
4874. jz setpmint_23
4875. cmp bl, 24h
4876. jz setpmint_24
4877.  
4878. loc_1243A:
4879. shl ebx, 3
4880. add ebx, idtbase
4881. mov es:[ebx], dx
4882. shr edx, 10h
4883. mov es:[ebx+6], dx
4884. mov es:[ebx+2], cx
4885. jmp short loc_124D2
4886. ; ---------------------------------------------------------------------------
4887.  
4888. loc_12457:
4889. cmp cx, 8
4890. jnz short loc_12480
4891. btr word ptr _pc_irqcbrmtopm+3, si ; also irqset_rm - 3
4892. btr word ptr irqset_pm_minus1+1, si
4893. mov eax, dword ptr irqtabrm_minus1+1[esi*4]
4894. mov es:0[ebx*4], eax
4895. cmp bl, 10h
4896. jnb short loc_1243A
4897. jmp short loc_124D2
4898. ; ---------------------------------------------------------------------------
4899.  
4900. loc_12480: ; also irqset_rm - 3
4901. bts word ptr _pc_irqcbrmtopm+3, si
4902. bts word ptr irqset_pm_minus1+1, si
4903. mov eax, es:0[ebx*4]
4904. mov dword ptr irqtabrm_minus1+1[esi*4], eax
4905. lea eax, back_matrix[esi*4]
4906. mov es:0[ebx*4], ax
4907. mov word ptr es:2[ebx*4], seg KERNEL
4908. cmp bl, 10h
4909. jnb loc_1243A
4910. mov word ptr irqtab_pm_plus4[esi*8], cx
4911. mov dword ptr irqtab_pm_minus1+1[esi*8], edx
4912.  
4913. loc_124D2:
4914. jmp int31ok
4915. ; ---------------------------------------------------------------------------
4916.  
4917. setpmint_1B:
4918. cmp cx, 8
4919. mov eax, dword ptr newint1Bh+1
4920. jnz short loc_124E2
4921. mov eax, dword ptr oldint1Bh_and_1Ch+1
4922.  
4923. loc_124E2:
4924. mov es:6Ch, eax
4925. jmp loc_1243A
4926. ; ---------------------------------------------------------------------------
4927.  
4928. setpmint_1C:
4929. cmp cx, 8
4930. mov eax, dword ptr newint1Ch+1
4931. jnz short loc_124F7
4932. mov eax, dword ptr oldint1Bh_and_1Ch+5
4933.  
4934. loc_124F7:
4935. mov es:70h, eax
4936. jmp loc_1243A
4937. ; ---------------------------------------------------------------------------
4938.  
4939. setpmint_23:
4940. cmp cx, 8
4941. mov eax, dword ptr @@v2+1
4942. jnz short loc_1250C
4943. mov eax, dword ptr oldint23h_minus1+1
4944.  
4945. loc_1250C:
4946. mov es:8Ch, eax
4947. jmp loc_1243A
4948. ; ---------------------------------------------------------------------------
4949.  
4950. setpmint_24:
4951. cmp cx, 8
4952. mov eax, dword ptr newint24h
4953. jnz short loc_12521
4954. mov eax, dword ptr oldint24h
4955.  
4956. loc_12521:
4957. mov es:90h, eax
4958. jmp loc_1243A
4959. ; ---------------------------------------------------------------------------
4960.  
4961. int31_0900:
4962. add esp, 26h
4963. pop ds
4964. btr word ptr [esp+8], 9
4965. setb al
4966. jmp int31oknopop
4967. ; ---------------------------------------------------------------------------
4968.  
4969. int31_0901:
4970. add esp, 26h
4971. pop ds
4972. bts word ptr [esp+8], 9
4973. setb al
4974. jmp int31oknopop
4975. ; ---------------------------------------------------------------------------
4976.  
4977. int31_0902:
4978. add esp, 26h
4979. pop ds
4980. bt word ptr [esp+8], 9
4981. setb al
4982. jmp int31oknopop
4983. ; ---------------------------------------------------------------------------
4984.  
4985. int31_0301:
4986. mov ebp, es:[edi+2Ah]
4987. jmp short loc_12574
4988. ; ---------------------------------------------------------------------------
4989.  
4990. int31_0300:
4991. movzx ebx, bl
4992. mov ebp, [ebx*4+0]
4993.  
4994. loc_12574:
4995. mov gs, cs:seldata
4996. assume gs:KERNEL
4997. movzx ebx, word ptr es:[edi+2Eh]
4998. movzx edx, word ptr es:[edi+30h]
4999. mov ax, bx
5000. or ax, dx
5001. jnz short loc_125AA
5002. mov dx, word ptr cs:rmstackbase_and_top+2
5003. mov bx, word ptr cs:rmstacklen
5004. sub dx, bx
5005. cmp dx, word ptr cs:rmstackbase_and_top
5006. jb int31fail8012
5007. mov word ptr gs:rmstackbase_and_top+2, dx
5008. shl bx, 4
5009.  
5010. loc_125AA:
5011. lea edi, ds:0[edx*4]
5012. lea edi, [ebx+edi*4]
5013. mov ax, ss
5014. xchg ax, word ptr gs:rmstackss+1
5015. push ax
5016. lea eax, [esp-4]
5017. xchg eax, dword ptr gs:rmstackesp+1
5018. push eax
5019. movzx ecx, cx
5020. mov ax, cx
5021. add ax, ax
5022. sub bx, 2Eh ; '.'
5023. sub bx, ax
5024. push ds
5025. push es
5026. pop ds
5027. pop es
5028. std
5029. sub edi, 2
5030. lea esi, [esp+ecx*2+38h]
5031. rep movs word ptr es:[edi], word ptr ss:[esi]
5032. mov esi, [esp+6]
5033. mov ax, [esi+20h]
5034. cmp byte ptr [esp+22h], 1
5035. jz short loc_12608
5036. and ah, 0FCh
5037. stos word ptr es:[edi]
5038. sub bx, 2
5039.  
5040. loc_12608:
5041. cld
5042. lea edi, ds:0[edx*4]
5043. lea edi, [ebx+edi*4]
5044. mov cl, 8
5045. rep movs dword ptr es:[edi], dword ptr [esi]
5046. add esi, 6
5047. movs dword ptr es:[edi], dword ptr [esi]
5048. mov word ptr es:[edi+8], seg KERNEL
5049. mov word ptr es:[edi+6], offset loc_12657
5050. mov es:[edi+4], ax
5051. mov es:[edi], ebp
5052. mov ax, [esi-6]
5053. mov cx, [esi-8]
5054. mov si, seg KERNEL
5055. mov di, offset loc_12650
5056. jmp large [cs:pmtormswrout]
5057. ; ---------------------------------------------------------------------------
5058.  
5059. loc_12650:
5060. popad
5061. pop fs
5062. pop gs
5063. assume gs:nothing
5064. iret
5065. ; ---------------------------------------------------------------------------
5066.  
5067. loc_12657:
5068. push gs
5069. push fs
5070. push ds
5071. push es
5072. pushf
5073. cli
5074. pushad
5075. xor eax, eax
5076. mov ax, ss
5077. xor ebp, ebp
5078. shl eax, 4
5079. mov bp, sp
5080. add ebp, eax
5081. mov dx, word ptr cs:rmstackss+1
5082. mov ebx, dword ptr cs:rmstackesp+1
5083. mov ax, 18h
5084. mov cx, 10h
5085. mov si, 8
5086. mov edi, offset loc_12691
5087. jmp cs:rmtopmswrout
5088. ; ---------------------------------------------------------------------------
5089.  
5090. loc_12691:
5091. push es
5092. pop gs
5093. assume es:KERNEL
5094. pop large [dword ptr es:rmstackesp+1]
5095. pop word ptr es:rmstackss+1
5096. mov esi, ebp
5097. mov edi, [esp]
5098. mov es, word ptr [esp+24h]
5099. assume es:nothing
5100. mov ecx, 15h
5101. cld
5102. rep movs word ptr es:[edi], word ptr [esi]
5103. cmp dword ptr es:[edi+4], 0
5104. jnz int31ok
5105. mov ax, word ptr cs:rmstacklen
5106. assume gs:KERNEL
5107. add word ptr gs:rmstackbase_and_top+2, ax
5108. jmp int31ok
5109. ; ---------------------------------------------------------------------------
5110.  
5111. int31_0303:
5112. mov bl, cs:pm32_callbacks
5113. test bl, bl
5114. jz int31fail8015
5115. mov edx, dword ptr cs:callbackbase_and_seg
5116. mov ecx, edx
5117.  
5118. loc_126E1:
5119. cmp word ptr [edx+3], 0
5120. jz short loc_126F3
5121. add edx, 19h
5122. dec bl
5123. jnz short loc_126E1
5124. jmp int31fail8015
5125. ; ---------------------------------------------------------------------------
5126.  
5127. loc_126F3:
5128. mov bx, [esp+26h]
5129. mov [edx+3], bx
5130. mov [edx+7], esi
5131. mov word ptr [edx+0Ch], es
5132. mov [edx+10h], edi
5133. sub edx, ecx
5134. shr ecx, 4
5135. jmp int31okdx
5136. ; ---------------------------------------------------------------------------
5137.  
5138. int31_0304:
5139. cmp cx, word ptr cs:callbackbase_and_seg+4
5140. jnz int31fail8024
5141. movzx ebx, dx
5142. xor ax, ax
5143. xchg ax, dx
5144. mov cx, 19h
5145. div cx
5146. test dx, dx
5147. jnz int31fail8024
5148. test ah, ah
5149. jnz int31fail8024
5150. cmp al, cs:pm32_callbacks
5151. jnb int31fail8024
5152. add ebx, dword ptr cs:callbackbase_and_seg
5153. mov word ptr [ebx+3], 0
5154. jmp int31ok
5155. ; ---------------------------------------------------------------------------
5156.  
5157. int31_0305:
5158. add esp, 26h
5159. pop ds
5160. xor ax, ax
5161. mov bx, cs:kernel_code
5162. mov cx, (offset prefixed_retf+1)
5163. mov si, cs
5164. mov edi, offset prefixed_retf
5165. jmp int31oknopop
5166. ; ---------------------------------------------------------------------------
5167.  
5168. int31_0306:
5169. add esp, 26h
5170. pop ds
5171. mov si, cs
5172. mov edi, cs:pmtormswrout
5173. mov bx, cs:kernel_code
5174. mov cx, cs:rmtopmswrout
5175. jmp int31oknopop
5176. ; ---------------------------------------------------------------------------
5177.  
5178. int31_0400:
5179. add esp, 26h
5180. pop ds
5181. mov ax, 5Ah ; 'Z'
5182. mov bx, 3
5183. cmp cs:pmodetype, 2
5184. jnz short loc_12796
5185. mov bl, 1
5186.  
5187. loc_12796:
5188. mov cl, cs:cputype
5189. mov dx, word ptr cs:picslave
5190. jmp int31oknopop
5191. ; ---------------------------------------------------------------------------
5192.  
5193. int31_0A00:
5194. add esp, 26h
5195. pop ds
5196. push es
5197. push edi
5198. push ecx
5199. push esi
5200. push cs
5201. pop es
5202. assume es:KERNEL
5203. mov ecx, 0Fh
5204. mov edi, offset aSunsysDos32a ; "SUNSYS DOS/32A"
5205. push esi
5206. repe cmps byte ptr [esi], byte ptr es:[edi]
5207. pop esi
5208. mov edi, offset sunsys_entry
5209. jz short loc_127F2
5210. test cs:pm32_mode, 80h
5211. jnz short loc_12822
5212. mov cl, 10h
5213. mov edi, offset aRationalDos4g ; "RATIONAL DOS/4G"
5214. repe cmps byte ptr [esi], byte ptr es:[edi]
5215. jnz short loc_12822
5216. mov edi, offset rational_entry
5217. pop esi
5218. pop ecx
5219. add esp, 6
5220. jmp int31oknopop
5221. ; ---------------------------------------------------------------------------
5222.  
5223. loc_127F2:
5224. add esp, 0Eh
5225. xor eax, eax
5226. mov ebx, eax
5227. mov ecx, eax
5228. mov edx, eax
5229. mov ax, cs:client_version
5230. mov bl, cs:pm32_mode
5231. mov bh, cs:pmodetype
5232. mov cl, cs:cputype
5233. mov ch, cs:fputype
5234. mov dx, word ptr cs:picslave
5235. jmp int31oknopop
5236. ; ---------------------------------------------------------------------------
5237.  
5238. loc_12822:
5239. pop esi
5240. pop ecx
5241. pop edi
5242. pop es
5243. assume es:nothing
5244. mov ax, 8001h
5245. jmp int31failnopop
5246. ; ---------------------------------------------------------------------------
5247. aSunsysDos32a db 'SUNSYS DOS/32A',0
5248. aRationalDos4g db 'RATIONAL DOS/4G',0
5249. ; ---------------------------------------------------------------------------
5250.  
5251. rational_entry:
5252. mov ax, 8500h
5253. jmp dword ptr cs:client_call
5254. ; ---------------------------------------------------------------------------
5255.  
5256. sunsys_entry:
5257. test al, al
5258. jz short API_func00
5259. cmp al, 1
5260. jz short API_func01
5261. cmp al, 2
5262. jz short API_func02
5263. cmp al, 3
5264. jz short API_func03
5265. cmp al, 4
5266. jz API_func04
5267. cmp al, 5
5268. jz API_func05
5269. cmp al, 6
5270. jz API_func06
5271. cmp al, 7
5272. jz API_func07
5273. cmp al, 8
5274. jz API_func08
5275. cmp al, 9
5276. jz API_func09
5277. stc
5278. db 66h
5279. retf
5280. ; ---------------------------------------------------------------------------
5281.  
5282. API_func00:
5283. mov bx, 18h
5284. movzx ecx, cs:gdtlimit
5285. movzx edx, cs:idtlimit
5286. mov esi, cs:gdtbase
5287. mov edi, cs:idtbase
5288. jmp loc_12972
5289. ; ---------------------------------------------------------------------------
5290.  
5291. API_func01:
5292. mov bx, 18h
5293. movzx ecx, cs:pagetables
5294. movzx edx, cs:pm32_maxfpages
5295. mov esi, dword ptr cs:pagetablebase_minus5+5 ; also id32_tsrmode - 3
5296. ; also id32_spawned_id - 1
5297. mov edi, dword ptr cs:phystablebase
5298. inc cx
5299. jmp loc_12972
5300. ; ---------------------------------------------------------------------------
5301.  
5302. API_func02:
5303. mov bx, 10h
5304. mov esi, (offset _pc_irqcbrmtopm+3) ; also irqset_rm - 3
5305. mov edi, (offset irqtabrm_minus1+1)
5306. jmp loc_12972
5307. ; ---------------------------------------------------------------------------
5308.  
5309. API_func03:
5310. mov bx, 18h
5311. mov ecx, dword ptr cs:mem_free
5312. mov edx, dword ptr cs:pm32_info ; also mem_ptr
5313. mov esi, dword ptr cs:mem_top_minus1+1
5314. jmp short loc_12972
5315. ; ---------------------------------------------------------------------------
5316.  
5317. API_func04:
5318. mov bx, 18h
5319. movzx ecx, word ptr cs:rmstacklen
5320. movzx edx, word ptr cs:rmstackbase_and_top+2
5321. movzx esi, word ptr cs:rmstackbase_and_top
5322. movzx edi, word ptr cs:rmstacktop2+1
5323. jmp short loc_12972
5324. ; ---------------------------------------------------------------------------
5325.  
5326. API_func05:
5327. mov bx, 18h
5328. mov ecx, dword ptr cs:pmstacklen_minus1+1
5329. mov edx, dword ptr cs:pmstackbase_and_top+4
5330. mov esi, dword ptr cs:pmstackbase_and_top
5331. mov edi, dword ptr cs:pmstacktop2
5332. jmp short loc_12972
5333. ; ---------------------------------------------------------------------------
5334.  
5335. API_func06:
5336. mov bx, 8
5337. mov cx, 10h
5338. mov dx, 18h
5339. movzx esi, cs:kernel_code
5340. mov di, cs:client_call+2
5341. jmp short loc_12972
5342. ; ---------------------------------------------------------------------------
5343.  
5344. API_func07:
5345. mov cx, cs:client_call+2
5346. mov dx, cs:client_call
5347. jmp short loc_12972
5348. ; ---------------------------------------------------------------------------
5349.  
5350. API_func08:
5351. push ds
5352. mov ds, cs:seldata
5353. assume ds:nothing
5354. mov ds:12h, cx
5355. mov ds:10h, dx
5356. pop ds
5357. assume ds:KERNEL
5358. jmp short loc_12972
5359. ; ---------------------------------------------------------------------------
5360.  
5361. API_func09:
5362. mov cx, 10h
5363. mov edx, (offset _pc_intrmtopm_minus1+1)
5364.  
5365. loc_12972:
5366. clc
5367. db 66h
5368. retf
5369. ; ---------------------------------------------------------------------------
5370.  
5371. int31_0500:
5372. or eax, 0FFFFFFFFh
5373. mov ecx, 0Ch
5374. push edi
5375. rep stos dword ptr es:[edi]
5376. pop edi
5377. mov eax, dword ptr cs:pm32_info ; also mem_ptr
5378. or eax, dword ptr cs:mem_free
5379. jz short loc_1299A
5380. call int31_checkblocks
5381. call int31_getfreemem
5382.  
5383. loc_1299A:
5384. mov ebx, eax
5385. mov edx, eax
5386. mov eax, dword ptr cs:mem_free
5387. shr eax, 0Ch
5388. shr ebx, 0Ch
5389. shr ecx, 0Ch
5390. push es
5391. pop ds
5392. mov [edi], edx
5393. mov [edi+4], ebx
5394. mov [edi+8], ebx
5395. mov [edi+0Ch], eax
5396. mov [edi+10h], ebx
5397. mov [edi+14h], ecx
5398. mov [edi+18h], eax
5399. mov [edi+1Ch], ecx
5400. jmp int31ok
5401. ; ---------------------------------------------------------------------------
5402.  
5403. int31_0501:
5404. call int31_checkifmemavail
5405. call int31_testbxcxtoebx
5406. add ebx, 1000h ; DOS32AWE ADDITION: crash prevention - add 4K to every allocation
5407. call int31_checkblocks
5408. mov esi, dword ptr cs:pm32_info ; also mem_ptr
5409.  
5410. loc_129F3:
5411. mov eax, [esi+4]
5412. btr eax, 1Fh
5413. jb short loc_12A06
5414. cmp eax, ebx
5415. jnb int31_allocblock
5416.  
5417. loc_12A06:
5418. lea esi, [esi+eax+10h]
5419. cmp esi, dword ptr cs:mem_top_minus1+1
5420. jb short loc_129F3
5421. jmp int31fail8013
5422. ; ---------------------------------------------------------------------------
5423.  
5424. int31_0502:
5425. shl esi, 10h
5426. mov si, di
5427. call int31_checkifmemavail
5428. call int31_checkblocks
5429. call int31_checkhandle
5430. btr dword ptr [esi+4], 1Fh
5431. call int31_linkfreeblocks
5432. jmp int31ok
5433. ; ---------------------------------------------------------------------------
5434.  
5435. int31_0503:
5436. shl esi, 10h
5437. mov si, di
5438. call int31_checkifmemavail
5439. call int31_testbxcxtoebx
5440. add ebx, 1000h ; DOS32AWE ADDITION: crash prevention - add 4K to every allocation
5441. call int31_checkblocks
5442. call int31_checkhandle
5443. mov eax, [esi+4]
5444. btr eax, 1Fh
5445. jnb int31fail8023
5446. cmp eax, ebx
5447. jnb int31_allocblock
5448. mov [esi+4], eax
5449. lea edi, [esi+eax+10h]
5450. cmp edi, dword ptr cs:mem_top_minus1+1
5451. jnb short loc_12A96
5452. mov edx, [edi+4]
5453. btr edx, 1Fh
5454. jb short loc_12A96
5455. lea edx, [eax+edx+10h]
5456. cmp edx, ebx
5457. jb short loc_12A96
5458. mov eax, edx
5459. mov [esi+4], eax
5460. jmp int31_allocblock
5461. ; ---------------------------------------------------------------------------
5462.  
5463. loc_12A96: ; also mem_ptr
5464. mov edi, dword ptr cs:pm32_info
5465.  
5466. loc_12A9C:
5467. mov edx, [edi+4]
5468. btr edx, 1Fh
5469. jb short loc_12AAD
5470. cmp edx, ebx
5471. jnb short loc_12AC8
5472.  
5473. loc_12AAD:
5474. lea edi, [edi+edx+10h]
5475. cmp edi, dword ptr cs:mem_top_minus1+1
5476. jb short loc_12A9C
5477. bts eax, 1Fh
5478. mov [esi+4], eax
5479. jmp int31fail8013
5480. ; ---------------------------------------------------------------------------
5481.  
5482. loc_12AC8:
5483. push esi
5484. push edi
5485. mov ecx, eax
5486. shr ecx, 2
5487. add esi, 10h
5488. add edi, 10h
5489. rep movs dword ptr es:[edi], dword ptr [esi]
5490. mov cl, al
5491. and cl, 3
5492. rep movs byte ptr es:[edi], byte ptr [esi]
5493. pop edi
5494. pop esi
5495. call int31_linkfreeblocks
5496. mov esi, edi
5497. mov eax, edx
5498. jmp int31_allocblock
5499. ; ---------------------------------------------------------------------------
5500.  
5501. int31_050A:
5502. shl esi, 10h
5503. mov si, di
5504. call int31_checkifmemavail
5505. call int31_checkblocks
5506. call int31_checkhandle
5507. mov ebx, [esi+4]
5508. btr ebx, 1Fh
5509. jnb int31fail8023
5510. add esi, 10h
5511. xchg ebx, esi
5512. mov cx, bx
5513. shr ebx, 10h
5514. mov di, si
5515. shr esi, 10h
5516. jmp int31oksinoax
5517.  
5518. ; =============== S U B R O U T I N E =======================================
5519.  
5520.  
5521. int31_checkifmemavail proc near
5522. pop bp
5523. push eax
5524. mov eax, dword ptr cs:pm32_info ; also mem_ptr
5525. or eax, dword ptr cs:mem_free
5526. pop eax
5527. jz int31fail8013
5528. jmp bp
5529. int31_checkifmemavail endp ; sp-analysis failed
5530.  
5531.  
5532. ; =============== S U B R O U T I N E =======================================
5533.  
5534.  
5535. int31_checkblocks proc near
5536. push eax
5537. push esi
5538. mov esi, dword ptr cs:pm32_info ; also mem_ptr
5539.  
5540. loc_12B4A:
5541. test si, 0Fh
5542. jnz short loc_12B8A
5543. mov eax, 12345678h
5544. cmp eax, [esi]
5545. jnz short loc_12B8A
5546. cmp eax, [esi+0Ch]
5547. jnz short loc_12B8A
5548. mov eax, [esi+4]
5549. btr eax, 1Fh
5550. lea esi, [esi+eax+10h]
5551. cmp esi, dword ptr cs:pm32_info ; also mem_ptr
5552. jb short loc_12B8A
5553. cmp esi, dword ptr cs:mem_top_minus1+1
5554. ja short loc_12B8A
5555. jb short loc_12B4A
5556. pop esi
5557. pop eax
5558. retn
5559. ; ---------------------------------------------------------------------------
5560.  
5561. loc_12B8A:
5562. mov ds, cs:seldata
5563. xor eax, eax
5564. mov dword ptr pm32_info, eax ; also mem_ptr
5565. mov dword ptr mem_free, eax
5566. mov ax, 8400h
5567. jmp dword ptr client_call
5568. int31_checkblocks endp
5569.  
5570.  
5571. ; =============== S U B R O U T I N E =======================================
5572.  
5573.  
5574. int31_checkhandle proc near
5575. pop bp
5576. cmp esi, dword ptr cs:pm32_info ; also mem_ptr
5577. jb short loc_12BC7
5578. cmp esi, dword ptr cs:mem_top_minus1+1
5579. ja short loc_12BC7
5580. mov eax, 12345678h
5581. cmp eax, [esi]
5582. jnz short loc_12BC7
5583. cmp eax, [esi+0Ch]
5584. jnz short loc_12BC7
5585. jmp bp
5586. ; ---------------------------------------------------------------------------
5587.  
5588. loc_12BC7:
5589. jmp int31fail8023
5590. int31_checkhandle endp ; sp-analysis failed
5591.  
5592.  
5593. ; =============== S U B R O U T I N E =======================================
5594.  
5595.  
5596. int31_testbxcxtoebx proc near
5597. pop bp
5598. shl ebx, 10h
5599. mov bx, cx
5600. test ebx, ebx
5601. jz int31fail8021
5602. add ebx, 0Fh
5603. and bl, 0F0h
5604. bt ebx, 1Fh
5605. jb int31fail8021
5606. jmp bp
5607. int31_testbxcxtoebx endp ; sp-analysis failed
5608.  
5609.  
5610. ; =============== S U B R O U T I N E =======================================
5611.  
5612.  
5613. int31_getfreemem proc near
5614. xor eax, eax
5615. xor ecx, ecx
5616. mov esi, dword ptr cs:pm32_info ; also mem_ptr
5617.  
5618. loc_12BF6:
5619. mov edx, [esi+4]
5620. btr edx, 1Fh
5621. jb short loc_12C0D
5622. add ecx, edx
5623. cmp eax, edx
5624. ja short loc_12C0D
5625. mov eax, edx
5626.  
5627. loc_12C0D:
5628. lea esi, [esi+edx+10h]
5629. cmp esi, dword ptr cs:mem_top_minus1+1
5630. jb short loc_12BF6
5631. retn
5632. int31_getfreemem endp
5633.  
5634. ; ---------------------------------------------------------------------------
5635.  
5636. int31_allocblock:
5637. mov ecx, 12345678h
5638. movzx edx, word ptr cs:id32_process_id_minus2+2
5639. sub eax, ebx
5640. sub eax, 10h
5641. jb short loc_12C4B
5642. lea edi, [esi+ebx+10h]
5643. mov [edi], ecx
5644. mov [edi+4], eax
5645. mov [edi+8], edx
5646. mov [edi+0Ch], ecx
5647.  
5648. loc_12C4B:
5649. bts ebx, 1Fh
5650. mov [esi], ecx
5651. mov [esi+4], ebx
5652. mov [esi+8], edx
5653. mov [esi+0Ch], ecx
5654. call int31_linkfreeblocks
5655. lea ebx, [esi+10h]
5656. mov cx, bx
5657. shr ebx, 10h
5658. mov di, si
5659. shr esi, 10h
5660. jmp int31oksinoax
5661.  
5662. ; =============== S U B R O U T I N E =======================================
5663.  
5664.  
5665. int31_linkfreeblocks proc near
5666. pushad
5667. mov edi, dword ptr cs:pm32_info ; also mem_ptr
5668. mov ebp, dword ptr cs:mem_top_minus1+1
5669. mov eax, [edi+4]
5670. btr eax, 1Fh
5671. lea esi, [edi+eax+10h]
5672. cmp esi, ebp
5673. jnb short loc_12CFD
5674. mov esi, edi
5675.  
5676. loc_12CA0:
5677. mov eax, [esi+4]
5678. btr eax, 1Fh
5679. jb short loc_12CF2
5680. xor ebx, ebx
5681. xor ecx, ecx
5682. mov edi, esi
5683. jmp short loc_12CDD
5684. ; ---------------------------------------------------------------------------
5685.  
5686. loc_12CB7:
5687. add ecx, 10h
5688. mov eax, [esi+4]
5689. btr eax, 1Fh
5690. lea ebx, [eax+ebx]
5691. jnb short loc_12CDD
5692. sub ebx, eax
5693. sub ecx, 10h
5694. add ebx, ecx
5695. add [edi+4], ebx
5696. jmp short loc_12CF2
5697. ; ---------------------------------------------------------------------------
5698.  
5699. loc_12CDD:
5700. lea esi, [esi+eax+10h]
5701. cmp esi, ebp
5702. jb short loc_12CB7
5703. add ebx, ecx
5704. add [edi+4], ebx
5705. jmp short loc_12CFD
5706. ; ---------------------------------------------------------------------------
5707.  
5708. loc_12CF2:
5709. lea esi, [esi+eax+10h]
5710. cmp esi, ebp
5711. jb short loc_12CA0
5712.  
5713. loc_12CFD:
5714. popad
5715. retn
5716. int31_linkfreeblocks endp
5717.  
5718. ; ---------------------------------------------------------------------------
5719.  
5720. int31_0600:
5721. jmp int31ok
5722. ; ---------------------------------------------------------------------------
5723.  
5724. int31_0604:
5725. xor bx, bx
5726. mov cx, 1000h
5727. jmp int31okbx
5728. ; ---------------------------------------------------------------------------
5729.  
5730. int31_0800:
5731. shl ebx, 10h
5732. shl esi, 10h
5733. mov bx, cx
5734. mov si, di
5735. cmp ebx, 100000h
5736. jb int31fail8021
5737. test esi, esi
5738. jz int31fail8021
5739. cmp cs:pmodetype, 2
5740. jz short loc_12D34
5741. jmp int31ok
5742. ; ---------------------------------------------------------------------------
5743.  
5744. loc_12D34:
5745. cmp cs:pm32_maxfpages, 0
5746. jz int31fail8012
5747. push ds
5748. pop es
5749. assume es:KERNEL
5750. mov edi, dword ptr cs:phystablebase
5751.  
5752. loc_12D46:
5753. mov eax, ebx
5754. lea ecx, [esi+0FFFh]
5755. and ax, 0F000h
5756. shr ecx, 0Ch
5757. mov edx, edi
5758.  
5759. loc_12D5B:
5760. cmp edi, dword ptr cs:phystabletop_minus2+2
5761. jnb short loc_12D90
5762. mov ebp, [edi]
5763. and bp, 0F000h
5764. cmp eax, ebp
5765. jz short loc_12D76
5766. add edi, 4
5767. jmp short loc_12D46
5768. ; ---------------------------------------------------------------------------
5769.  
5770. loc_12D76:
5771. add edi, 4
5772. add eax, 1000h
5773. dec ecx
5774. jnz short loc_12D5B
5775. mov eax, ebx
5776. and ax, 0F000h
5777. sub ebx, eax
5778. jmp loc_12E0F
5779. ; ---------------------------------------------------------------------------
5780.  
5781. loc_12D90:
5782. mov edi, dword ptr cs:phystablebase
5783. mov ecx, dword ptr cs:phystabletop_minus2+2
5784. sub ecx, edi
5785. shr ecx, 2
5786. mov eax, ebx
5787. and ax, 0F000h
5788. lea ebp, [ebx+esi+0FFFh]
5789. sub ebp, eax
5790. shr ebp, 0Ch
5791.  
5792. loc_12DB9:
5793. test ecx, ecx
5794. jz int31fail8021
5795. xor eax, eax
5796. repne scas dword ptr es:[edi]
5797. lea edx, [edi-4]
5798. repe scas dword ptr es:[edi]
5799. mov eax, edi
5800. sub eax, edx
5801. shr eax, 2
5802. cmp eax, ebp
5803. jb short loc_12DB9
5804. mov eax, ebx
5805. and ax, 0F000h
5806. sub ebx, eax
5807. mov edi, edx
5808. mov ecx, ebp
5809. mov al, 7
5810. cmp cs:cputype, 3
5811. jbe short loc_12DFA
5812. mov al, 1Fh
5813.  
5814. loc_12DFA:
5815. stos dword ptr es:[edi]
5816. add eax, 1000h
5817. loop loc_12DFA
5818. or byte ptr [edx+1], 2
5819. or byte ptr [edi-3], 4
5820.  
5821. loc_12E0F:
5822. sub edx, dword ptr cs:phystablebase
5823. shl edx, 0Ah
5824. add edx, ebx
5825. mov [esp+18h], dx
5826. shr edx, 10h
5827. or dx, 8000h
5828. mov [esp+10h], dx
5829. mov eax, cs:vcpi_cr3
5830. mov cr3, eax
5831. xor eax, eax
5832. mov cr2, eax
5833. jmp int31ok
5834. ; ---------------------------------------------------------------------------
5835.  
5836. int31_0801:
5837. cmp cs:pmodetype, 2
5838. jz short loc_12E4A
5839. jmp int31ok
5840. ; ---------------------------------------------------------------------------
5841.  
5842. loc_12E4A:
5843. cmp cs:pm32_maxfpages, 0
5844. jz int31fail8012
5845. and bx, 7FFFh
5846. shl ebx, 10h
5847. mov bx, cx
5848. shr ebx, 0Ah
5849. and bl, 0FCh
5850. add ebx, dword ptr cs:phystablebase
5851. cmp ebx, dword ptr cs:phystablebase
5852. jb int31fail8025
5853. cmp ebx, dword ptr cs:phystabletop_minus2+2
5854. jnb int31fail8025
5855. test byte ptr [ebx+1], 2
5856. jz int31fail8025
5857.  
5858. loc_12E88:
5859. xor eax, eax
5860. xchg eax, [ebx]
5861. add ebx, 4
5862. test ah, 4
5863. jz short loc_12E88
5864. mov eax, cs:vcpi_cr3
5865. mov cr3, eax
5866. xor eax, eax
5867. mov cr2, eax
5868. jmp int31ok
5869. ; ---------------------------------------------------------------------------
5870.  
5871. int31_0E00:
5872. movzx ax, cs:fputype
5873. shl ax, 4
5874. smsw dx
5875. and dl, 6
5876. shr dl, 1
5877. or al, dl
5878. shl dl, 2
5879. or al, dl
5880. jmp int31okax
5881. ; ---------------------------------------------------------------------------
5882.  
5883. int31_0E01:
5884. mov ds, cs:seldata
5885. assume ds:nothing
5886. and bl, 3
5887. shl bl, 1
5888. smsw ax
5889. or al, bl
5890. lmsw ax
5891. jmp int31ok
5892. ; ---------------------------------------------------------------------------
5893.  
5894. int31_EEFF:
5895. add esp, 26h
5896. pop ds
5897. assume ds:KERNEL
5898. push cs
5899. pop es
5900. mov eax, 'D32A'
5901. mov ebx, 2E88h
5902. mov ch, cs:pmodetype
5903. mov cl, cs:cputype
5904. mov dx, cs:client_version
5905. jmp int31oknopop
5906. ; ---------------------------------------------------------------------------
5907. align 10h
5908. KERNEL ends
5909.  
5910. ; ===========================================================================
5911.  
5912. ; Segment type: Pure code
5913. TEXT16 segment byte public 'CODE' use16
5914. assume cs:TEXT16
5915. assume es:nothing, ss:nothing, ds:TEXT16, fs:nothing, gs:nothing
5916.  
5917. ; =============== S U B R O U T I N E =======================================
5918.  
5919.  
5920. get_default_config proc near
5921. push ds
5922. push es
5923. mov ax, seg ID32
5924. mov dx, seg KERNEL
5925. mov _seg_id32, ax
5926. mov _seg_kernel, dx
5927. push ax
5928. push dx
5929. mov ax, 0FF87h
5930. int 21h ; DOS - DOS v??? - OEM FUNCTION
5931. cmp dx, 'ID'
5932. jnz short loc_12F37
5933. cmp ax, '32'
5934. jnz short loc_12F37
5935. mov es, cs:_seg_id32
5936. xor di, di
5937. mov cx, 0Ch
5938. rep movsw
5939. mov ds, cs:_seg_ds
5940. or _sys_misc, 1
5941.  
5942. loc_12F37:
5943. pop dx
5944. pop ax
5945. mov ds, ax
5946. mov es, dx
5947. xor si, si
5948. mov di, 0
5949. lodsw
5950. cmp ax, 'DI'
5951. jnz short loc_12F6E
5952. lodsw
5953. cmp ax, '23'
5954. jnz short loc_12F6E
5955. mov cx, 10h
5956. rep movsb
5957. mov es, cs:_seg_ds
5958. assume es:TEXT16
5959. and word ptr [si], 7FFFh
5960. lodsw
5961. mov word ptr es:_misc_byte_1, ax
5962. lodsw
5963. mov es:_lowmembuf, ax
5964. lodsw
5965. mov es:_version, ax
5966. clc
5967. jmp short loc_12F6F
5968. ; ---------------------------------------------------------------------------
5969.  
5970. loc_12F6E:
5971. stc
5972.  
5973. loc_12F6F:
5974. pop es
5975. assume es:nothing
5976. pop ds
5977. retn
5978. get_default_config endp
5979.  
5980.  
5981. ; =============== S U B R O U T I N E =======================================
5982.  
5983. ; also _app_buf_allocsel
5984.  
5985. get_environ_config proc near
5986. push ds
5987. push es
5988. jb short @@done
5989. test _misc_byte_2, 1
5990. jz short @@done
5991. mov es, _seg_env
5992. xor di, di
5993. mov cx, 0FFFFh
5994. xor ax, ax
5995.  
5996. loc_12F88:
5997. push cx
5998. mov cx, 7
5999. mov si, offset aDos32aweQuietpr ; "DOS32AWE="
6000. repe cmpsb
6001. pop cx
6002. jz short loc_12F9D
6003. repne scasb
6004. cmp al, es:[di]
6005. jnz short loc_12F88
6006. jmp short @@done
6007. ; ---------------------------------------------------------------------------
6008.  
6009. loc_12F9D:
6010. call skip_env_spaces
6011. cmp byte ptr es:[di], 0
6012. jz short @@done
6013. call get_env_word
6014. call skip_env_nonspaces
6015. cmp byte ptr es:[di], 0
6016. jnz short loc_12F9D
6017.  
6018. @@done:
6019. pop es
6020. pop ds
6021. retn
6022. get_environ_config endp
6023.  
6024.  
6025. ; =============== S U B R O U T I N E =======================================
6026.  
6027.  
6028. get_env_word proc near
6029.  
6030. ; FUNCTION CHUNK AT 0170 SIZE 000000DE BYTES
6031.  
6032. xor bx, bx
6033.  
6034. loc_12FB7:
6035. mov si, word ptr dfn_tab.name[bx]
6036. cmp si, 0FFFFh
6037. jz short locret_12FCF
6038. mov cx, dfn_tab.namelen[bx]
6039. push di
6040. repe cmpsb
6041. pop di
6042. jz short loc_12FD0
6043.  
6044. loc_12FCA:
6045. add bx, 6
6046. jmp short loc_12FB7
6047. ; ---------------------------------------------------------------------------
6048.  
6049. locret_12FCF:
6050. retn
6051. ; ---------------------------------------------------------------------------
6052.  
6053. loc_12FD0:
6054. add di, dfn_tab.namelen[bx]
6055. jmp cs:dfn_tab.handler[bx]
6056. get_env_word endp
6057.  
6058.  
6059. ; =============== S U B R O U T I N E =======================================
6060.  
6061.  
6062. skip_env_spaces proc near
6063. mov al, es:[di]
6064. test al, al
6065. jz short locret_12FEC
6066. cmp al, '/'
6067. jz short loc_12FEB
6068. cmp al, ' '
6069. jnz short locret_12FEC
6070. inc di
6071. jmp short skip_env_spaces
6072. ; ---------------------------------------------------------------------------
6073.  
6074. loc_12FEB:
6075. inc di
6076.  
6077. locret_12FEC:
6078. retn
6079. skip_env_spaces endp
6080.  
6081.  
6082. ; =============== S U B R O U T I N E =======================================
6083.  
6084.  
6085. skip_env_nonspaces proc near
6086. mov al, es:[di]
6087. test al, al
6088.  
6089. _app_buf_allocbase:
6090. jz short locret_13000
6091. cmp al, '/'
6092. jz short loc_12FFF
6093. cmp al, ' '
6094. jz short locret_13000
6095. inc di
6096. jmp short skip_env_nonspaces
6097. ; ---------------------------------------------------------------------------
6098.  
6099. loc_12FFF:
6100. inc di
6101.  
6102. locret_13000:
6103. retn
6104. skip_env_nonspaces endp
6105.  
6106.  
6107. ; =============== S U B R O U T I N E =======================================
6108.  
6109.  
6110. get_env_swc proc near
6111. cmp byte ptr es:[di], ':'
6112. jnz short loc_13008
6113. inc di
6114.  
6115. loc_13008:
6116. xor ax, ax
6117. cmp byte ptr es:[di], '0'
6118. jz short @@x1
6119. inc ax
6120. cmp byte ptr es:[di], '1'
6121. jz short @@x1
6122. cmp word ptr es:[di], 'NO'
6123. jz short @@x2
6124. dec ax
6125. cmp word ptr es:[di], 'FO'
6126. jnz short @@x0
6127. cmp byte ptr es:[di+2], 'F'
6128. jz short @@x3
6129.  
6130. @@x0:
6131. stc
6132. retn
6133. ; ---------------------------------------------------------------------------
6134.  
6135. @@x3:
6136. inc di
6137.  
6138. @@x2:
6139. inc di
6140.  
6141. @@x1:
6142. inc di
6143. test al, al
6144. retn
6145. get_env_swc endp
6146.  
6147.  
6148. ; =============== S U B R O U T I N E =======================================
6149.  
6150.  
6151. get_env_num proc near
6152. cmp byte ptr es:[di], ':'
6153. jnz short loc_1303C
6154. inc di
6155.  
6156. loc_1303C:
6157. xor ax, ax
6158. xor bx, bx
6159. mov cx, 10
6160. mov al, es:[di]
6161. sub al, '0'
6162. jb short loc_1306E
6163. cmp al, 9
6164. ja short loc_1306E
6165. xchg ax, bx
6166. mul cx
6167. xchg ax, bx
6168. add bx, ax
6169.  
6170. loc_13054:
6171. inc di
6172. xor ax, ax
6173. mov al, es:[di]
6174. sub al, '0'
6175. jb short loc_1306A
6176. cmp al, 9
6177. ja short loc_1306A
6178. xchg ax, bx
6179. mul cx
6180. xchg ax, bx
6181. add bx, ax
6182. jmp short loc_13054
6183. ; ---------------------------------------------------------------------------
6184.  
6185. loc_1306A:
6186. mov ax, bx
6187. clc
6188. retn
6189. ; ---------------------------------------------------------------------------
6190.  
6191. loc_1306E:
6192. stc
6193. retn
6194. get_env_num endp
6195.  
6196. ; ---------------------------------------------------------------------------
6197. ; START OF FUNCTION CHUNK FOR get_env_word
6198.  
6199. cfg_env_quiet:
6200. and word ptr _misc_byte_1, not 803h
6201. retn
6202. ; ---------------------------------------------------------------------------
6203.  
6204. cfg_env_print:
6205. call get_env_swc
6206. jb short locret_1308B
6207. jz short loc_13085
6208. or word ptr _misc_byte_1, 801h
6209. retn
6210. ; ---------------------------------------------------------------------------
6211.  
6212. loc_13085:
6213. and word ptr _misc_byte_1, not 801h
6214.  
6215. locret_1308B:
6216. retn
6217. ; ---------------------------------------------------------------------------
6218.  
6219. cfg_env_sound:
6220. call get_env_swc
6221. jb short locret_1309E
6222. jz short loc_13099
6223. or _misc_byte_1, 2
6224. retn
6225. ; ---------------------------------------------------------------------------
6226.  
6227. loc_13099:
6228. and _misc_byte_1, not 2
6229.  
6230. locret_1309E:
6231. retn
6232. ; ---------------------------------------------------------------------------
6233.  
6234. cfg_env_extmem:
6235. call get_env_num
6236. jb short locret_130CE
6237. push ds
6238. mov ds, _seg_kernel
6239. assume ds:KERNEL
6240. push ax
6241. mov bx, 1024
6242. mul bx
6243. mov word ptr pm32_maxextmem, ax
6244. mov word ptr pm32_maxextmem+2, dx
6245. pop ax
6246. add ax, 0FFFh
6247. and ax, 0F000h
6248. xor dx, dx
6249. mov bx, 1000h
6250. div bx
6251. test al, al
6252. jnz short loc_130CA
6253. inc al
6254.  
6255. loc_130CA:
6256. mov pm32_maxpages, al
6257. pop ds
6258. assume ds:TEXT16
6259.  
6260. locret_130CE:
6261. retn
6262. ; ---------------------------------------------------------------------------
6263.  
6264. cfg_env_dosbuf:
6265. call get_env_num
6266. cmp ax, 1
6267. jb short locret_130EA
6268. cmp ax, 40h ; '@'
6269. ja short locret_130EA
6270. jnz short loc_130E3
6271. mov ax, 0FFFh
6272. jmp short loc_130E7
6273. ; ---------------------------------------------------------------------------
6274.  
6275. loc_130E3:
6276. mov cl, 6
6277. shl ax, cl
6278.  
6279. loc_130E7:
6280. mov _lowmembuf, ax
6281.  
6282. locret_130EA:
6283. retn
6284. ; ---------------------------------------------------------------------------
6285.  
6286. cfg_env_test:
6287. call get_env_swc
6288. retn
6289. ; ---------------------------------------------------------------------------
6290.  
6291. cfg_env_restore:
6292. call get_env_swc
6293. jb short locret_13101
6294. jz short loc_130FC
6295. or _misc_byte_1, 4
6296. retn
6297. ; ---------------------------------------------------------------------------
6298.  
6299. loc_130FC:
6300. and _misc_byte_1, not 4
6301.  
6302. locret_13101:
6303. retn
6304. ; ---------------------------------------------------------------------------
6305.  
6306. cfg_env_nullp:
6307. call get_env_swc
6308. jb short loc_13109
6309. jz short loc_1310F
6310.  
6311. loc_13109:
6312. or _misc_byte_1, 80h
6313. retn
6314. ; ---------------------------------------------------------------------------
6315.  
6316. loc_1310F:
6317. and _misc_byte_1, 7Fh
6318. retn
6319. ; ---------------------------------------------------------------------------
6320.  
6321. cfg_env_verbose:
6322. call get_env_swc
6323. jb short loc_1311C
6324. jz short loc_13122
6325.  
6326. loc_1311C:
6327. or _misc_byte_2, 10h
6328. retn
6329. ; ---------------------------------------------------------------------------
6330.  
6331. loc_13122:
6332. and _misc_byte_2, 0EFh
6333. retn
6334. ; ---------------------------------------------------------------------------
6335.  
6336. cfg_env_nowarn:
6337. call get_env_num
6338. sub ax, 9000
6339. jb short locret_13147
6340. cmp al, 6
6341. ja short locret_13147
6342. add ax, ax
6343. mov bx, ax
6344. mov errtab_90xx[bx], 0
6345. cmp byte ptr es:[di], ','
6346. jnz short locret_13147
6347. inc di
6348. jmp short cfg_env_nowarn
6349. ; ---------------------------------------------------------------------------
6350.  
6351. locret_13147:
6352. retn
6353. ; ---------------------------------------------------------------------------
6354.  
6355. cfg_env_noc:
6356. and _misc_byte_2, not 8
6357. retn
6358. ; END OF FUNCTION CHUNK FOR get_env_word
6359. ; ---------------------------------------------------------------------------
6360. ; START OF FUNCTION CHUNK FOR alloc_block
6361.  
6362. report_errorm:
6363. mov ax, cs:_err_code
6364. ; END OF FUNCTION CHUNK FOR alloc_block
6365.  
6366. ; =============== S U B R O U T I N E =======================================
6367.  
6368.  
6369. report_error proc near
6370.  
6371. ; FUNCTION CHUNK AT 0488 SIZE 00000039 BYTES
6372.  
6373. push bx
6374. push ds
6375. cmp cs:_sel_ds, 0
6376. jnz short loc_13163
6377. mov ds, cs:_seg_ds
6378. jmp short loc_13168
6379. ; ---------------------------------------------------------------------------
6380.  
6381. loc_13163:
6382. mov ds, cs:_sel_ds
6383.  
6384. loc_13168:
6385. xor bx, bx
6386.  
6387. loc_1316A:
6388. cmp ah, byte ptr g_errtab.category[bx]
6389. jz short loc_1317A
6390. cmp [bx+errtabentry.category], 0FFh
6391. jz short loc_131C4
6392. add bx, 4
6393. jmp short loc_1316A
6394. ; ---------------------------------------------------------------------------
6395.  
6396. loc_1317A:
6397. cmp g_errtab.kind[bx], 1
6398. jnz short loc_13188
6399. test _misc_byte_1, 1
6400. jz short loc_131C4
6401.  
6402. loc_13188:
6403. push ax
6404. push cx
6405. push dx
6406. push bx
6407. mov bl, g_errtab.kind[bx]
6408. mov bh, 0
6409. mov cx, bx
6410. add bx, bx
6411. mov dx, h_errtab[bx]
6412. pop bx
6413. push di
6414. push si
6415. mov si, g_errtab.table[bx]
6416. mov bl, al
6417. mov bh, 0
6418. add bx, bx
6419. mov di, [bx+si]
6420. test di, di
6421. jz short loc_131BA
6422. push ax
6423. call prints
6424. pop ax
6425. mov dx, di
6426. call prints
6427. call printcr
6428.  
6429. loc_131BA:
6430. pop si
6431. pop di
6432. cmp cl, 1
6433. jnz short loc_131C7
6434. pop dx
6435. pop cx
6436. pop ax
6437.  
6438. loc_131C4:
6439. pop ds
6440. pop bx
6441. retn
6442. ; ---------------------------------------------------------------------------
6443.  
6444. loc_131C7:
6445. mov al, 0FFh
6446. cmp _sel_cs, 0
6447. jnz short loc_131D3
6448. jmp exit86
6449. ; ---------------------------------------------------------------------------
6450.  
6451. loc_131D3:
6452. jmp exit386
6453. report_error endp
6454.  
6455.  
6456. ; =============== S U B R O U T I N E =======================================
6457.  
6458.  
6459. copyright proc near
6460. test _misc_byte_2, 8
6461. jz short locret_13209
6462. mov ax, _version
6463. mov bx, (offset cpr_msg+21h)
6464. mov si, offset cpr_msg ; "DOS32AWE -- DOS Extender version x.x.x\r"...
6465. push ax
6466. mov al, ah
6467. aam
6468. add al, '0'
6469. mov [bx], al
6470. pop ax
6471. aam
6472. add ax, '00'
6473. mov [bx+2], ah
6474. mov [bx+4], al
6475. mov cx, (offset aDos32aweFatalW - offset cpr_msg) ; "DOS32AWE -- DOS Extender version x.x.x\r"...
6476.  
6477. loc_131FE:
6478. lodsb
6479. push cx
6480. xor bx, bx
6481. mov ah, 0Eh
6482. int 10h ; - VIDEO - WRITE CHARACTER AND ADVANCE CURSOR (TTY WRITE)
6483. ; AL = character, BH = display page (alpha modes)
6484. ; BL = foreground color (graphics modes)
6485. pop cx
6486. loop loc_131FE
6487.  
6488. locret_13209:
6489. retn
6490. copyright endp
6491.  
6492. ; ---------------------------------------------------------------------------
6493. @char db 2 dup(0)
6494. @crlf db 0Dh,0Ah,0
6495.  
6496. ; =============== S U B R O U T I N E =======================================
6497.  
6498.  
6499. printc proc near
6500. push dx
6501. mov @char, al
6502. mov dx, offset @char
6503. jmp short @prnt
6504. printc endp
6505.  
6506.  
6507. ; =============== S U B R O U T I N E =======================================
6508.  
6509.  
6510. printcr proc near
6511. push dx
6512. mov dx, offset @crlf ; "\r\n"
6513.  
6514. @prnt:
6515. call prints
6516. pop dx
6517. retn
6518. printcr endp
6519.  
6520.  
6521. ; =============== S U B R O U T I N E =======================================
6522.  
6523.  
6524. prints proc near
6525. push ax
6526. push bx
6527. push cx
6528. push dx
6529. push si
6530. push di
6531. push bp
6532. push ds
6533. push es
6534. push ss
6535. pop es
6536. mov bp, sp
6537. sub sp, 100h
6538. add bp, 14h
6539. mov si, dx
6540. mov di, sp
6541. push di
6542.  
6543. loc_1323A:
6544. lodsb
6545. cmp al, '%'
6546. jz short @@args
6547. cmp al, '$'
6548. jnz short @@next
6549. mov al, '?'
6550.  
6551. @@next:
6552. stosb
6553. test al, al
6554. jnz short loc_1323A
6555. pop di
6556. call writes
6557. add sp, 100h
6558. pop es
6559. pop ds
6560. pop bp
6561. pop di
6562. pop si
6563. pop dx
6564. pop cx
6565. pop bx
6566. pop ax
6567. retn
6568. ; ---------------------------------------------------------------------------
6569.  
6570. @@args:
6571. lodsb
6572. cmp al, 25h ; '%'
6573. jz short @@next
6574. cmp al, 63h ; 'c'
6575. jz short @@c
6576. cmp al, 73h ; 's'
6577. jz short @@s
6578. cmp al, 62h ; 'b'
6579. jz short @@b
6580. cmp al, 77h ; 'w'
6581. jz short @@w
6582. cmp al, 6Ch ; 'l'
6583. jz short @@l
6584. cmp al, 64h ; 'd'
6585. jz short @@d
6586. jmp short @@next
6587. ; ---------------------------------------------------------------------------
6588.  
6589. @@c:
6590. mov al, [bp+0]
6591. add bp, 2
6592. jmp short @@next
6593. ; ---------------------------------------------------------------------------
6594.  
6595. @@s:
6596. mov bx, [bp+0]
6597. add bp, 2
6598.  
6599. loc_13289:
6600. mov al, [bx]
6601. inc bx
6602. test al, al
6603. jz short loc_1323A
6604. cmp al, '$'
6605. jnz short loc_13296
6606. mov al, '?'
6607.  
6608. loc_13296:
6609. stosb
6610. jmp short loc_13289
6611. ; ---------------------------------------------------------------------------
6612.  
6613. @@b:
6614. mov ah, [bp+0]
6615. add bp, 2
6616. mov cx, 2
6617. call hex
6618. jmp short loc_1323A
6619. ; ---------------------------------------------------------------------------
6620.  
6621. @@w:
6622. mov ax, [bp+0]
6623. add bp, 2
6624. mov cx, 4
6625. call hex
6626. jmp short loc_1323A
6627. ; ---------------------------------------------------------------------------
6628.  
6629. @@l:
6630. mov ax, [bp+2]
6631. mov cx, 4
6632. call hex
6633. mov ax, [bp+0]
6634. add bp, 4
6635. mov cx, 4
6636. call hex
6637. jmp loc_1323A
6638. ; ---------------------------------------------------------------------------
6639.  
6640. @@d:
6641. mov ax, [bp+0]
6642. add bp, 2
6643. xor cx, cx
6644. call dec
6645. jmp loc_1323A
6646. prints endp
6647.  
6648.  
6649. ; =============== S U B R O U T I N E =======================================
6650.  
6651.  
6652. hex proc near
6653. rol ax, 1
6654. rol ax, 1
6655. rol ax, 1
6656. rol ax, 1
6657. mov bl, al
6658. and bl, 0Fh
6659. add bl, '0'
6660. cmp bl, '9'
6661. jbe short loc_132F3
6662. add bl, 7
6663.  
6664. loc_132F3:
6665. xchg ax, bx
6666. stosb
6667. xchg ax, bx
6668. loop hex
6669. retn
6670. hex endp
6671.  
6672.  
6673. ; =============== S U B R O U T I N E =======================================
6674.  
6675.  
6676. dec proc near
6677. mov bx, 10000
6678. call dec0
6679. mov bx, 1000
6680. call dec0
6681. mov bx, 100
6682. call dec0
6683. mov bx, 10
6684. call dec0
6685. jmp short loc_13320
6686. dec endp
6687.  
6688.  
6689. ; =============== S U B R O U T I N E =======================================
6690.  
6691.  
6692. dec0 proc near
6693. xor dx, dx
6694. div bx
6695. test ax, ax
6696. jz short loc_1331C
6697. inc cx
6698.  
6699. loc_1331C:
6700. test cx, cx
6701. jz short loc_13323
6702.  
6703. loc_13320:
6704. add al, '0'
6705. stosb
6706.  
6707. loc_13323:
6708. mov ax, dx
6709. retn
6710. dec0 endp
6711.  
6712.  
6713. ; =============== S U B R O U T I N E =======================================
6714.  
6715.  
6716. writes proc near
6717. xor al, al
6718. mov dx, di
6719. mov cx, 0FFFFh
6720. repne scasb
6721. dec di
6722. push es
6723. pop ds
6724. mov ax, 924h ; Add dollar terminator
6725. mov [di], al
6726. cmp cs:_sel_cs, 0
6727. jnz short @@pm
6728. int 21h ; DOS - PRINT STRING
6729. ; DS:DX -> string terminated by "$"
6730. retn
6731. ; ---------------------------------------------------------------------------
6732.  
6733. @@pm:
6734. push ebp
6735. sub esp, 32h
6736. mov ebp, esp
6737. mov [ebp+1Ch], ax
6738. mov [ebp+14h], dx
6739. mov ax, cs:_seg_ss
6740. mov [ebp+24h], ax
6741. call int21h
6742. add esp, 32h
6743. pop ebp
6744. retn
6745. writes endp
6746.  
6747. ; ---------------------------------------------------------------------------
6748. ; START OF FUNCTION CHUNK FOR unload_fixups
6749.  
6750. file_error:
6751. mov si, offset start
6752. jmp report_error
6753. ; END OF FUNCTION CHUNK FOR unload_fixups
6754. ; ---------------------------------------------------------------------------
6755. ; START OF FUNCTION CHUNK FOR alloc_block
6756.  
6757. file_errorm:
6758. mov si, offset start
6759. jmp report_errorm
6760. ; END OF FUNCTION CHUNK FOR alloc_block
6761. ; ---------------------------------------------------------------------------
6762.  
6763. dos_error:
6764. mov si, ax
6765. mov ax, 8002h
6766. jmp short common_error
6767. ; ---------------------------------------------------------------------------
6768. ; START OF FUNCTION CHUNK FOR int21h
6769.  
6770. dpmi_error:
6771. mov si, ax
6772. mov ax, 8003h
6773.  
6774. common_error:
6775. cli
6776. lss esp, fword ptr cs:_sel_esp
6777. jmp report_error
6778. ; END OF FUNCTION CHUNK FOR int21h
6779. ; ---------------------------------------------------------------------------
6780. ; START OF FUNCTION CHUNK FOR report_error
6781.  
6782. exit86:
6783. cli
6784. cld
6785. mov ds, cs:_seg_ds
6786. mov es, _seg_es
6787. mov ss, _seg_ss
6788. mov sp, 800h
6789. mov ax, _seg_env
6790. mov es:2Ch, ax
6791. mov ax, 4CFFh
6792. int 21h ; DOS - 2+ - QUIT WITH EXIT CODE (EXIT)
6793. ; AL = exit code
6794. ; ---------------------------------------------------------------------------
6795.  
6796. exit386:
6797. cli
6798. cld
6799. mov ds, cs:_sel_ds
6800. mov es, _sel_es
6801. lss esp, fword ptr _sel_esp
6802. xor dx, dx
6803. mov fs, dx
6804. assume fs:nothing
6805. mov gs, dx
6806. assume gs:nothing
6807. mov ah, 4Ch
6808. int 21h ; DOS - 2+ - QUIT WITH EXIT CODE (EXIT)
6809. ; END OF FUNCTION CHUNK FOR report_error ; AL = exit code
6810.  
6811. ; =============== S U B R O U T I N E =======================================
6812.  
6813.  
6814. save_inttab proc near
6815. push cx
6816. push si
6817. push di
6818. push ds
6819. push es
6820. xor si, si
6821. mov di, 800h
6822. mov ds, cs:_sel_zero
6823. mov es, cs:_sel_ss
6824. mov cx, 200h
6825. cld
6826. rep movsw
6827. in al, 21h ; Interrupt controller, 8259A.
6828. mov ah, al
6829. in al, 0A1h ; Interrupt Controller #2, 8259A
6830. pop es
6831. pop ds
6832. pop di
6833. pop si
6834. pop cx
6835. mov _pic_mask, ax
6836. retn
6837. save_inttab endp
6838.  
6839.  
6840. ; =============== S U B R O U T I N E =======================================
6841.  
6842.  
6843. restore_inttab proc near
6844. test cs:_misc_byte_1, 4
6845. jz short locret_1342A
6846. cmp cs:_sys_type, 3
6847. jz short loc_13400
6848. xor eax, eax
6849. mov dr7, eax
6850.  
6851. loc_13400:
6852. pushf
6853. cli
6854. push si
6855. push di
6856. push ds
6857. push es
6858. xor di, di
6859. mov si, 800h
6860. mov es, cs:_sel_zero
6861. mov ds, cs:_sel_ss
6862. mov cx, 200h
6863. cld
6864. rep movsw
6865. mov ax, cs:_pic_mask
6866. out 0A1h, al ; Interrupt Controller #2, 8259A
6867. mov al, ah
6868. out 21h, al ; Interrupt controller, 8259A.
6869. pop es
6870. pop ds
6871. pop di
6872. pop si
6873. popf
6874.  
6875. locret_1342A:
6876. retn
6877. restore_inttab endp
6878.  
6879.  
6880. ; =============== S U B R O U T I N E =======================================
6881.  
6882.  
6883. check_inttab proc near
6884. test cs:_misc_byte_1, 8
6885. jz short locret_1345D
6886. pushad
6887. push ds
6888. push es
6889. xor bx, bx
6890. mov ds, cs:_sel_ss
6891. mov es, cs:_sel_zero
6892. mov esi, 800h
6893. xor edi, edi
6894. cld
6895.  
6896. loc_1344D:
6897. cmps dword ptr [esi], dword ptr es:[edi]
6898. jnz short loc_1345E
6899.  
6900. loc_13452:
6901. inc bx
6902. cmp bx, 100h
6903. jb short loc_1344D
6904. pop es
6905. pop ds
6906. popad
6907.  
6908. locret_1345D:
6909. retn
6910. ; ---------------------------------------------------------------------------
6911.  
6912. loc_1345E:
6913. mov ax, 9003h
6914. push bx
6915. push si
6916. mov si, bx
6917. call report_error
6918. pop si
6919. pop bx
6920. jmp short loc_13452
6921. check_inttab endp
6922.  
6923.  
6924. ; =============== S U B R O U T I N E =======================================
6925.  
6926.  
6927. restore_pit proc near
6928. push ax
6929. mov al, 36h ; '6'
6930. out 43h, al ; Timer 8253-5 (AT: 8254.2).
6931. mov al, 0
6932. out 40h, al ; Timer 8253-5 (AT: 8254.2).
6933. out 40h, al ; Timer 8253-5 (AT: 8254.2).
6934. pop ax
6935. retn
6936. restore_pit endp
6937.  
6938.  
6939. ; =============== S U B R O U T I N E =======================================
6940.  
6941.  
6942. set_descriptor proc near
6943. push ebx
6944. push ecx
6945. push edx
6946. push ebp
6947. mov ebp, ecx
6948. xor ax, ax
6949. mov cx, 1
6950. int 31h ; DPMI Services ax=func xxxxh
6951. ; ALLOCATE LDT DESCRS
6952. ; CX = number of descriptors to allocate
6953. ; Return: CF set on error
6954. ; CF clear if successful, AX = base selector
6955. jb short loc_134B6
6956. mov bx, ax
6957. mov ax, 9
6958. mov cx, dx
6959. int 31h ; DPMI Services ax=func xxxxh
6960. ; SET DESCRIPTOR ACCESS RIGHTS
6961. ; BX = selector, CL = access rights/type byte
6962. ; CH = 80386 extended rights/type byte (32-bit DPMI implementations only)
6963. ; Return: CF set on error
6964. ; CF clear if successful
6965. jb short loc_134B6
6966. dec ax
6967. mov ecx, ebp
6968. mov dx, cx
6969. shr ecx, 10h
6970. int 31h ; DPMI Services ax=func xxxxh
6971. ; SET SEGMENT LIMIT
6972. ; BX = selector, CX:DX = segment limit
6973. ; Return: CF set on error
6974. ; CF clear if successful
6975. jb short loc_134B6
6976. dec ax
6977. mov ecx, edi
6978. mov dx, cx
6979. shr ecx, 10h
6980. int 31h ; DPMI Services ax=func xxxxh
6981. ; SET SEGMENT BASE ADDRESS
6982. ; BX = selector, CX:DX = linear base address
6983. ; Return: CF set on error
6984. ; CF clear if successful
6985. jb short loc_134B6
6986. mov ax, bx
6987.  
6988. loc_134B6:
6989. pop ebp
6990. pop edx
6991. pop ecx
6992. pop ebx
6993. retn
6994. set_descriptor endp
6995.  
6996.  
6997. ; =============== S U B R O U T I N E =======================================
6998.  
6999.  
7000. _int23 proc near
7001. push ds
7002. mov ds, cs:_sel_ds
7003. or _sys_misc, 100h
7004. pop ds
7005. iretd
7006. _int23 endp
7007.  
7008.  
7009. ; =============== S U B R O U T I N E =======================================
7010.  
7011.  
7012. int10h proc near
7013. push bx
7014. mov bx, 10h
7015. jmp short intxxh
7016. int10h endp
7017.  
7018.  
7019. ; =============== S U B R O U T I N E =======================================
7020.  
7021.  
7022. int33h proc near
7023. push bx
7024. mov bx, 33h ; '3'
7025. jmp short intxxh
7026. int33h endp
7027.  
7028.  
7029. ; =============== S U B R O U T I N E =======================================
7030.  
7031.  
7032. int21h proc near
7033.  
7034. ; FUNCTION CHUNK AT 0478 SIZE 00000010 BYTES
7035.  
7036. push bx
7037. mov bx, 21h ; '!'
7038.  
7039. intxxh:
7040. push cx
7041. push edi
7042. push es
7043. xor eax, eax
7044. mov [ebp+20h], ax
7045. mov [ebp+2Eh], eax
7046. xor cx, cx
7047. push ss
7048. pop es
7049. mov edi, ebp
7050. mov ax, 300h
7051. int 31h ; DPMI Services ax=func xxxxh
7052. ; SIMULATE REAL MODE INTERRUPT
7053. ; BL=interrupt number
7054. ; CX=number of words to copy from protected mode to real mode stack
7055. ; ES:DI / ES:EDI = selector:offset of real mode call structure
7056. ; Return: CF set on error
7057. ; CF clear if ok
7058. pop es
7059. pop edi
7060. pop cx
7061. pop bx
7062. jb dpmi_error
7063. retn
7064. int21h endp
7065.  
7066.  
7067. ; =============== S U B R O U T I N E =======================================
7068.  
7069.  
7070. setup_dta_buffer proc near
7071. sub esp, 32h
7072. mov ebp, esp
7073. mov ax, _seg_ss
7074. add ax, 10h
7075. mov _seg_dta, ax
7076. mov [ebp+24h], ax
7077. add ax, 8
7078. mov _seg_mus, ax
7079. mov ax, ss
7080. mov _dta_sel, ax
7081. mov _app_dta_sel, ax
7082. mov eax, 100h
7083. mov _dta_ofs, eax
7084. mov _app_dta_ofs, eax
7085. mov byte ptr [ebp+1Dh], 1Ah
7086. mov word ptr [ebp+14h], 0
7087. call int21h
7088. add esp, 32h
7089. retn
7090. setup_dta_buffer endp
7091.  
7092.  
7093. ; =============== S U B R O U T I N E =======================================
7094.  
7095.  
7096. initialize_mouse proc near
7097. push ds
7098. mov ds, _sel_zero
7099. assume ds:nothing
7100. cmp dword ptr ds:0CCh, 0
7101. pop ds
7102. assume ds:TEXT16
7103. jz short @@err
7104. mov ax, 21h ; '!'
7105. int 33h ; - MS MOUSE - SOFTWARE RESET
7106. ; Return: AX = FFFFh if mouse driver installed
7107. ; AX = 0021h if mouse driver not installed
7108. ; BX = 2 if mouse driver is installed
7109. cmp ax, 21h ; '!'
7110. jnz short loc_13566
7111. xor ax, ax
7112. int 33h ; - MS MOUSE - RESET DRIVER AND READ STATUS
7113. ; Return: AX = status
7114. ; BX = number of buttons
7115. inc ax
7116. jnz short @@err
7117.  
7118. loc_13566:
7119. mov ax, 15h
7120. int 33h ; - MS MOUSE - RETURN DRIVER STORAGE REQUIREMENTS
7121. ; Return: BX = size of buffer needed to store driver state
7122. movzx eax, bx
7123. cmp eax, _lobufsize
7124. jnb short @@err
7125. mov _mus_size, eax
7126. push ds
7127. push es
7128. push cs
7129. pop ds
7130. push ss
7131. pop es
7132. mov esi, offset _mus_int_pm
7133. mov edi, 7C0h
7134. mov ax, 303h
7135. int 31h ; DPMI Services ax=func xxxxh
7136. ; ALLOCATE REAL MODE CALL-BACK ADDRESS
7137. ; DS:SI=selector:offset of procedure to call
7138. ; ES:DI=selector:offset of real mode call structure
7139. ; Return: CF set on error
7140. ; CF clear if ok, CX:DX = segment:offset of real mode call address
7141. pop es
7142. pop ds
7143. jb dpmi_error
7144. mov _mus_backofs, dx
7145. mov _mus_backseg, cx
7146. retn
7147. ; ---------------------------------------------------------------------------
7148.  
7149. @@err: ; dummy int33
7150. mov word ptr _int33, 0CF66h
7151. mov ax, 9004h
7152. jmp report_error
7153. initialize_mouse endp
7154.  
7155.  
7156. ; =============== S U B R O U T I N E =======================================
7157.  
7158.  
7159. install_client_ints proc near
7160. mov ax, 205h
7161. mov cx, cs
7162. mov bl, 10h
7163. mov edx, offset _int10
7164. int 31h ; DPMI Services ax=func xxxxh
7165. ; SET PROTECTED MODE INTERRUPT VECTOR
7166. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
7167. ; Return: CF set on error
7168. ; CF clear if successful
7169. jb @@err
7170. mov bl, 21h ; '!'
7171. mov dx, offset _int21
7172. int 31h ; DPMI Services ax=func xxxxh
7173. ; SET PROTECTED MODE INTERRUPT VECTOR
7174. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
7175. ; Return: CF set on error
7176. ; CF clear if successful
7177. jb @@err
7178. mov bl, 23h ; '#'
7179. mov dx, offset _int23
7180. int 31h ; DPMI Services ax=func xxxxh
7181. ; SET PROTECTED MODE INTERRUPT VECTOR
7182. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
7183. ; Return: CF set on error
7184. ; CF clear if successful
7185. jb @@err
7186. mov bl, 33h ; '3'
7187. mov dx, offset _int33
7188. int 31h ; DPMI Services ax=func xxxxh
7189. ; SET PROTECTED MODE INTERRUPT VECTOR
7190. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
7191. ; Return: CF set on error
7192. ; CF clear if successful
7193. jb @@err
7194. mov ax, 203h
7195. mov bl, 0
7196. mov dx, offset eh00
7197. int 31h ; DPMI Services ax=func xxxxh
7198. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7199. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7200. ; Return: CF set on error
7201. ; CF clear if successful
7202. jb short @@err
7203. nop
7204. nop
7205. mov bl, 1
7206. mov dx, offset eh01
7207. int 31h ; DPMI Services ax=func xxxxh
7208. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7209. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7210. ; Return: CF set on error
7211. ; CF clear if successful
7212. jb short @@err
7213. mov bl, 2
7214. mov dx, offset eh02
7215. int 31h ; DPMI Services ax=func xxxxh
7216. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7217. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7218. ; Return: CF set on error
7219. ; CF clear if successful
7220. jb short @@err
7221. mov bl, 3
7222. mov dx, offset eh03
7223. int 31h ; DPMI Services ax=func xxxxh
7224. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7225. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7226. ; Return: CF set on error
7227. ; CF clear if successful
7228. jb short @@err
7229. mov bl, 4
7230. mov dx, offset eh04
7231. int 31h ; DPMI Services ax=func xxxxh
7232. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7233. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7234. ; Return: CF set on error
7235. ; CF clear if successful
7236. jb short @@err
7237. mov bl, 5
7238. mov dx, offset eh05
7239. int 31h ; DPMI Services ax=func xxxxh
7240. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7241. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7242. ; Return: CF set on error
7243. ; CF clear if successful
7244. jb short @@err
7245. mov bl, 6
7246. mov dx, offset eh06
7247. int 31h ; DPMI Services ax=func xxxxh
7248. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7249. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7250. ; Return: CF set on error
7251. ; CF clear if successful
7252. jb short @@err
7253. mov bl, 7
7254. mov dx, offset eh07
7255. int 31h ; DPMI Services ax=func xxxxh
7256. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7257. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7258. ; Return: CF set on error
7259. ; CF clear if successful
7260. jb short @@err
7261. mov bl, 8
7262. mov dx, offset eh08
7263. int 31h ; DPMI Services ax=func xxxxh
7264. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7265. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7266. ; Return: CF set on error
7267. ; CF clear if successful
7268. jb short @@err
7269. mov bl, 9
7270. mov dx, offset eh09
7271. int 31h ; DPMI Services ax=func xxxxh
7272. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7273. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7274. ; Return: CF set on error
7275. ; CF clear if successful
7276. jb short @@err
7277. mov bl, 0Ah
7278. mov dx, offset eh0A
7279. int 31h ; DPMI Services ax=func xxxxh
7280. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7281. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7282. ; Return: CF set on error
7283. ; CF clear if successful
7284. jb short @@err
7285. mov bl, 0Bh
7286. mov dx, offset eh0B
7287. int 31h ; DPMI Services ax=func xxxxh
7288. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7289. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7290. ; Return: CF set on error
7291. ; CF clear if successful
7292. jb short @@err
7293. mov bl, 0Ch
7294. mov dx, offset eh0C
7295. int 31h ; DPMI Services ax=func xxxxh
7296. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7297. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7298. ; Return: CF set on error
7299. ; CF clear if successful
7300. jb short @@err
7301. mov bl, 0Dh
7302. mov dx, offset eh0D
7303. int 31h ; DPMI Services ax=func xxxxh
7304. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7305. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7306. ; Return: CF set on error
7307. ; CF clear if successful
7308. jb short @@err
7309. mov bl, 0Eh
7310. mov dx, offset eh0E
7311. int 31h ; DPMI Services ax=func xxxxh
7312. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7313. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7314. ; Return: CF set on error
7315. ; CF clear if successful
7316. clc
7317.  
7318. @@err:
7319. retn
7320. install_client_ints endp
7321.  
7322.  
7323. ; =============== S U B R O U T I N E =======================================
7324.  
7325.  
7326. uninstall_client_ints proc near
7327. mov ax, 205h
7328. mov bl, 10h
7329. mov cx, cs:_int10_._cs
7330. mov edx, cs:_int10_._ip
7331. int 31h ; DPMI Services ax=func xxxxh
7332. ; SET PROTECTED MODE INTERRUPT VECTOR
7333. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
7334. ; Return: CF set on error
7335. ; CF clear if successful
7336. mov bl, 21h
7337. mov cx, cs:_int21_._cs
7338. mov edx, cs:_int21_._ip
7339. int 31h ; DPMI Services ax=func xxxxh
7340. ; SET PROTECTED MODE INTERRUPT VECTOR
7341. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
7342. ; Return: CF set on error
7343. ; CF clear if successful
7344. mov bl, 23h
7345. mov cx, cs:_int23_._cs
7346. mov edx, cs:_int23_._ip
7347. int 31h ; DPMI Services ax=func xxxxh
7348. ; SET PROTECTED MODE INTERRUPT VECTOR
7349. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
7350. ; Return: CF set on error
7351. ; CF clear if successful
7352. mov bl, 33h
7353. mov cx, cs:_int33_._cs
7354. mov edx, cs:_int33_._ip
7355. int 31h ; DPMI Services ax=func xxxxh
7356. ; SET PROTECTED MODE INTERRUPT VECTOR
7357. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
7358. ; Return: CF set on error
7359. ; CF clear if successful
7360. mov ax, 203h
7361. xor ebx, ebx
7362.  
7363. loc_136B1:
7364. mov cx, cs:_exc_tab._cs[ebx*8]
7365. mov edx, cs:_exc_tab._ip[ebx*8]
7366. int 31h ; DPMI Services ax=func xxxxh
7367. ; SET PROCESSOR EXCEPTION HANDLER VECTOR
7368. ; BL = exception number (00h-1Fh), CX:DX / CX:EDX = selector:offset of handler
7369. ; Return: CF set on error
7370. ; CF clear if successful
7371. inc bl
7372. cmp bl, 0Fh
7373. jb short loc_136B1
7374. clc
7375. retn
7376. uninstall_client_ints endp
7377.  
7378.  
7379. ; =============== S U B R O U T I N E =======================================
7380.  
7381.  
7382. install_nullptr_protect proc near
7383. cmp _sys_type, 3
7384. jz short locret_136FE
7385. test _misc_byte_1, 80h
7386. jz short locret_136FE
7387. xor eax, eax
7388. mov dr6, eax
7389. mov dr0, eax
7390. add al, 4
7391. mov dr1, eax
7392. add al, 4
7393. mov dr2, eax
7394. add al, 4
7395. mov dr3, eax
7396. mov eax, 0DDDD03FFh
7397. mov dr7, eax
7398.  
7399. locret_136FE:
7400. retn
7401. install_nullptr_protect endp
7402.  
7403.  
7404. ; =============== S U B R O U T I N E =======================================
7405.  
7406.  
7407. setup_selector proc near
7408. xor edi, edi
7409. or ecx, 0FFFFFFFFh
7410. mov ax, cs
7411. lar dx, ax
7412. mov dl, 0C0h ; 'À'
7413. xchg dh, dl
7414. and dl, 60h
7415. or dl, 92h
7416. mov _acc_rights, dx
7417. call set_descriptor
7418. jb short loc_13730
7419. mov _sel_zero, ax
7420. mov ax, 8
7421. mov bx, ds
7422. mov cx, 0FFFFh
7423. mov dx, cx
7424. int 31h ; DPMI Services ax=func xxxxh
7425. ; SET SEGMENT LIMIT
7426. ; BX = selector, CX:DX = segment limit
7427. ; Return: CF set on error
7428. ; CF clear if successful
7429. jb short loc_13730
7430. retn
7431. ; ---------------------------------------------------------------------------
7432.  
7433. loc_13730:
7434. mov ax, 4CFFh
7435. int 21h ; DOS - 2+ - QUIT WITH EXIT CODE (EXIT)
7436. setup_selector endp ; AL = exit code
7437.  
7438.  
7439. ; =============== S U B R O U T I N E =======================================
7440.  
7441.  
7442. check_command_line proc near
7443. mov di, 80h ; '€'
7444. movzx cx, byte ptr es:[di]
7445. jcxz short loc_13764
7446. inc di
7447. mov al, ' '
7448. repe scasb
7449. jz short loc_13764
7450. dec di
7451. inc cx
7452. mov bx, di
7453.  
7454. loc_13749:
7455. mov al, es:[di]
7456. cmp al, 9
7457. jz short loc_1375B
7458. cmp al, 0Dh
7459. jz short loc_1375B
7460. cmp al, ' '
7461. jz short loc_1375B
7462. inc di
7463. loop loc_13749
7464.  
7465. loc_1375B:
7466. mov cx, di
7467. mov si, bx
7468. mov di, bx
7469. sub cx, bx
7470. retn
7471. ; ---------------------------------------------------------------------------
7472.  
7473. loc_13764:
7474. xor si, si
7475. retn
7476. check_command_line endp
7477.  
7478.  
7479. ; =============== S U B R O U T I N E =======================================
7480.  
7481.  
7482. remove_name_from_cmd proc near
7483. call check_command_line
7484. jz short locret_13770
7485. mov al, ' '
7486. rep stosb
7487.  
7488. locret_13770:
7489. retn
7490. remove_name_from_cmd endp
7491.  
7492.  
7493. ; =============== S U B R O U T I N E =======================================
7494.  
7495.  
7496. check_if_fullname proc near
7497. push ds
7498. push es
7499. call check_command_line
7500. jz short loc_13792
7501. mov al, '\'
7502. mov bx, cx
7503. repne scasb
7504. jcxz short loc_13792
7505. push ds
7506. push es
7507. pop ds
7508. pop es
7509. mov cx, bx
7510. mov di, (offset loc_15BAA+2)
7511. rep movsb
7512. xor al, al
7513. stosb
7514. pop es
7515. pop ds
7516. stc
7517. retn
7518. ; ---------------------------------------------------------------------------
7519.  
7520. loc_13792:
7521. pop es
7522. pop ds
7523. clc
7524. retn
7525. check_if_fullname endp
7526.  
7527.  
7528. ; =============== S U B R O U T I N E =======================================
7529.  
7530.  
7531. update_environment proc near
7532. push ds
7533. push es
7534. call check_if_fullname
7535. jb short loc_137DB
7536. mov ah, 19h
7537. int 21h ; DOS - GET DEFAULT DISK NUMBER
7538. mov dl, al
7539. add al, 41h ; 'A'
7540. mov byte ptr loc_15BAA+2, al
7541. mov word ptr loc_15BAD, 5C3Ah
7542. inc dx
7543. mov ah, 47h ; 'G'
7544. mov esi, (offset loc_15BAD+2)
7545. int 21h ; DOS - 2+ - GET CURRENT DIRECTORY
7546. ; DL = drive (0=default, 1=A, etc.)
7547. ; DS:SI points to 64-byte buffer area
7548. push ds
7549. pop es
7550. assume es:TEXT16
7551. xor al, al
7552. mov di, si
7553. mov cx, 40h ; '@'
7554. repne scasb
7555. cmp byte ptr [di-2], '\'
7556. jnz short loc_137CB
7557. dec di
7558.  
7559. loc_137CB:
7560. mov byte ptr [di-1], '\'
7561. mov si, offset start
7562. mov cx, 40h ; '@'
7563.  
7564. loc_137D5:
7565. lodsb
7566. stosb
7567. test al, al
7568. loopne loc_137D5
7569.  
7570. loc_137DB:
7571. push ds
7572. pop es
7573. xor al, al
7574. mov cx, 0FFFFh
7575. mov di, (offset loc_15BAA+2)
7576. repne scasb
7577. not cx
7578. mov bx, cx
7579. pop es
7580. assume es:nothing
7581. push es
7582. mov ax, es:2Ch
7583. test ax, ax
7584. jz short loc_13823
7585. lar cx, ax
7586. jnz short loc_13823
7587. mov es, ax
7588. xor al, al
7589. xor di, di
7590. mov cx, 0FFFFh
7591.  
7592. loc_13803:
7593. repne scasb
7594. scasb
7595. jnz short loc_13803
7596. inc di
7597. inc di
7598. mov cx, 0FFFFh
7599. mov dx, di
7600. repne scasb
7601. not cx
7602. cmp bx, cx
7603. ja short create_new_environment
7604. mov cx, bx
7605. mov di, dx
7606. mov si, (offset loc_15BAA+2)
7607. rep movsb
7608. pop es
7609. pop ds
7610. retn
7611. ; ---------------------------------------------------------------------------
7612.  
7613. loc_13823:
7614. mov ax, 2000h
7615. jmp report_error
7616. ; ---------------------------------------------------------------------------
7617.  
7618. create_new_environment:
7619. push bx
7620. mov cx, 0FFFFh
7621. xor di, di
7622.  
7623. loc_1382F:
7624. repne scasb
7625. dec cx
7626. scasb
7627. jnz short loc_1382F
7628. not cx
7629. inc cx
7630. inc cx
7631. push cx
7632. add bx, cx
7633. shr bx, 4
7634. inc bx
7635. mov ax, 100h
7636. int 31h ; DPMI Services ax=func xxxxh
7637. ; ALLOCATE DOS MEMORY BLOCK
7638. ; BX = number of paragraphs to allocate
7639. ; Return: CF set on error
7640. ; CF clear if successful
7641. pop cx
7642. jb short loc_13862
7643. push es
7644. pop ds
7645. mov es, dx
7646. xor si, si
7647. xor di, di
7648. rep movsb
7649. pop cx
7650. mov si, 2CACh
7651. push cs
7652. pop ds
7653. rep movsb
7654. pop es
7655. pop ds
7656. mov es:2Ch, dx
7657. retn
7658. ; ---------------------------------------------------------------------------
7659.  
7660. loc_13862:
7661. mov ax, 2000h
7662. jmp report_error
7663. update_environment endp
7664.  
7665.  
7666. ; =============== S U B R O U T I N E =======================================
7667.  
7668.  
7669. open_exec proc near
7670. push ds
7671. push es
7672. mov ax, es:2Ch
7673. test ax, ax
7674. jz short loc_138B0
7675. lar cx, ax
7676. jnz short loc_138B0
7677. mov es, ax
7678. xor ax, ax
7679. xor di, di
7680. mov cx, 0FFFFh
7681.  
7682. loc_13880:
7683. repne scasb
7684. scasb
7685. jcxz short loc_138B0
7686. jnz short loc_13880
7687. inc di
7688. inc di
7689. push ds
7690. push es
7691. pop ds
7692. pop es
7693. push di
7694. mov si, di
7695. mov di, offset start
7696.  
7697. loc_13893:
7698. lodsb
7699. stosb
7700. test al, al
7701. jnz short loc_13893
7702. pop di
7703. movzx edx, di
7704. mov ax, 3DC0h
7705. int 21h ; DOS - 2+ - OPEN DISK FILE WITH HANDLE
7706. ; DS:DX -> ASCIZ filename
7707. ; AL = access mode
7708. ; 0 - read, 1 - write, 2 - read & write
7709. pop es
7710. pop ds
7711. mov word ptr aThisProgramRequ+4, ax ; +4: _exec_handle
7712. ; +8: _exec_start
7713. ; +C: _srcaddr
7714. ; +10: _codesize
7715. ; +14: _app_num_objects
7716. ; +18: _app_off_objects
7717. ; +1C: _app_off_pagetab
7718. ; +20: _app_off_fixpagetab
7719. ; +24: _app_off_fixrectab
7720. mov ax, 2001h
7721. jb file_error
7722. retn
7723. ; ---------------------------------------------------------------------------
7724.  
7725. loc_138B0:
7726. mov ax, 2000h
7727. jmp report_error
7728. open_exec endp
7729.  
7730.  
7731. ; =============== S U B R O U T I N E =======================================
7732.  
7733.  
7734. load_exec_header proc near
7735. xor edx, edx
7736. mov ecx, 40h ; '@'
7737. mov _err_code, 2002h
7738. call load_fs_block
7739. cmp word ptr fs:0, 'ZM'
7740. jnz file_errorm
7741. mov eax, fs:3Ch
7742. mov edx, fs:18h
7743. mov dword ptr aThisProgramRequ+8, eax ; +4: _exec_handle
7744. ; +8: _exec_start
7745. ; +C: _srcaddr
7746. ; +10: _codesize
7747. ; +14: _app_num_objects
7748. ; +18: _app_off_objects
7749. ; +1C: _app_off_pagetab
7750. ; +20: _app_off_fixpagetab
7751. ; +24: _app_off_fixrectab
7752. retn
7753. load_exec_header endp
7754.  
7755.  
7756. ; =============== S U B R O U T I N E =======================================
7757.  
7758.  
7759. open_extrn_exec proc near
7760. push ds
7761. push es
7762. push ds
7763. push es
7764. pop ds
7765. pop es
7766. mov di, offset start
7767. rep movsb
7768. push es
7769. pop ds
7770. mov byte ptr [di], 0
7771. mov edx, offset start
7772. mov ax, 3DC0h
7773. int 21h ; DOS - 2+ - OPEN DISK FILE WITH HANDLE
7774. ; DS:DX -> ASCIZ filename
7775. ; AL = access mode
7776. ; 0 - read, 1 - write, 2 - read & write
7777. jb short loc_13906
7778. pop es
7779. pop ds
7780. mov word ptr aThisProgramRequ+4, ax ; +4: _exec_handle
7781. ; +8: _exec_start
7782. ; +C: _srcaddr
7783. ; +10: _codesize
7784. ; +14: _app_num_objects
7785. ; +18: _app_off_objects
7786. ; +1C: _app_off_pagetab
7787. ; +20: _app_off_fixpagetab
7788. ; +24: _app_off_fixrectab
7789. retn
7790. ; ---------------------------------------------------------------------------
7791.  
7792. loc_13906:
7793. mov bx, offset start
7794.  
7795. loc_13909:
7796. cmp byte ptr [bx], '.'
7797. stc
7798. jz short loc_1393A
7799. inc bx
7800. cmp bx, di
7801. jb short loc_13909
7802. mov eax, 'EXE.'
7803. cmp eax, [di-4]
7804. stc
7805. jz short loc_1393A
7806. mov eax, 'exe.'
7807. cmp eax, [di-4]
7808. stc
7809. jz short loc_1393A
7810. mov [di], eax
7811. mov byte ptr [di+4], 0
7812. mov ax, 3DC0h
7813. int 21h ; DOS - 2+ - OPEN DISK FILE WITH HANDLE
7814. ; DS:DX -> ASCIZ filename
7815. ; AL = access mode
7816. ; 0 - read, 1 - write, 2 - read & write
7817.  
7818. loc_1393A:
7819. pop es
7820. pop ds
7821. mov word ptr aThisProgramRequ+4, ax ; +4: _exec_handle
7822. ; +8: _exec_start
7823. ; +C: _srcaddr
7824. ; +10: _codesize
7825. ; +14: _app_num_objects
7826. ; +18: _app_off_objects
7827. ; +1C: _app_off_pagetab
7828. ; +20: _app_off_fixpagetab
7829. ; +24: _app_off_fixrectab
7830. mov ax, 3001h
7831. jb file_error
7832. retn
7833. open_extrn_exec endp
7834.  
7835.  
7836. ; =============== S U B R O U T I N E =======================================
7837.  
7838.  
7839. load_extrn_exec_header proc near
7840. xor edx, edx
7841. mov ecx, 40h ; '@'
7842. mov _err_code, 3002h
7843. call load_fs_block
7844. call seek_from_start
7845. xor ebp, ebp
7846. mov dword ptr aThisProgramRequ+8, ebp ; +4: _exec_handle
7847. ; +8: _exec_start
7848. ; +C: _srcaddr
7849. ; +10: _codesize
7850. ; +14: _app_num_objects
7851. ; +18: _app_off_objects
7852. ; +1C: _app_off_pagetab
7853. ; +20: _app_off_fixpagetab
7854. ; +24: _app_off_fixrectab
7855. mov dword ptr a80386ProcessorO, ebp ; +0: _app_off_datapages
7856. ; +4: _app_off_pageshift
7857. ; +8: _app_eip_object
7858. ; +C: _app_esp_object
7859. ; +10: _app_eip
7860. ; +14: _app_esp
7861. ; +18: _unreloc_eip
7862. ; +20: _app_siz_fixrectab
7863. ; +24: _app_buf_fixrscstab
7864. ; +28: _app_size_lastpage
7865. cmp word ptr fs:0, 'ZM'
7866. jnz search_for_le
7867. mov eax, fs:18h
7868. cmp ax, 40h ; '@'
7869. jnz short search_for_mz
7870. mov eax, fs:3Ch
7871. test ax, ax
7872. jz short search_for_mz
7873. mov dword ptr aThisProgramRequ+8, eax ; +4: _exec_handle
7874. ; +8: _exec_start
7875. ; +C: _srcaddr
7876. ; +10: _codesize
7877. ; +14: _app_num_objects
7878. ; +18: _app_off_objects
7879. ; +1C: _app_off_pagetab
7880. ; +20: _app_off_fixpagetab
7881. ; +24: _app_off_fixrectab
7882. retn
7883. ; ---------------------------------------------------------------------------
7884.  
7885. search_for_mz:
7886. xor esi, esi
7887.  
7888. loc_1398F:
7889. movzx eax, word ptr fs:4
7890. shl eax, 9
7891. movzx ebx, word ptr fs:2
7892. add eax, ebx
7893. mov bx, fs:0
7894. cmp bx, 'ZM'
7895. jz short loc_139B7
7896. cmp bx, 'WB'
7897. jz short loc_139BD
7898. jmp short loc_139E0
7899. ; ---------------------------------------------------------------------------
7900.  
7901. loc_139B7:
7902. sub eax, 200h
7903.  
7904. loc_139BD:
7905. mov esi, ebp
7906. add ebp, eax
7907. mov edx, ebp
7908. call seek_from_start
7909. mov ecx, 40h ; '@'
7910. xor edx, edx
7911. call load_fs_block
7912. test eax, eax
7913. jnz short loc_1398F
7914. mov ax, 3003h
7915. jmp file_error
7916. ; ---------------------------------------------------------------------------
7917.  
7918. loc_139E0:
7919. mov bx, fs:0
7920. cmp bx, 'EL'
7921. jz short loc_13A06
7922. cmp bx, 'XL'
7923. jz short loc_13A06
7924. cmp bx, 'CL'
7925. jz short loc_13A06
7926. cmp bx, 'EP'
7927. jz short loc_13A06
7928. mov edx, ebp
7929. call seek_from_start
7930. call search_for_le
7931.  
7932. loc_13A06:
7933. cmp eax, esi
7934. jz short locret_13A2A
7935. mov edx, esi
7936. add eax, 10h
7937. add edx, 10h
7938. and al, 0F0h
7939. and dl, 0F0h
7940. cmp eax, edx
7941. jz short locret_13A2A
7942. mov dword ptr aThisProgramRequ+8, ebp ; +4: _exec_handle
7943. ; +8: _exec_start
7944. ; +C: _srcaddr
7945. ; +10: _codesize
7946. ; +14: _app_num_objects
7947. ; +18: _app_off_objects
7948. ; +1C: _app_off_pagetab
7949. ; +20: _app_off_fixpagetab
7950. ; +24: _app_off_fixrectab
7951. mov dword ptr a80386ProcessorO, esi ; +0: _app_off_datapages
7952. ; +4: _app_off_pageshift
7953. ; +8: _app_eip_object
7954. ; +C: _app_esp_object
7955. ; +10: _app_eip
7956. ; +14: _app_esp
7957. ; +18: _unreloc_eip
7958. ; +20: _app_siz_fixrectab
7959. ; +24: _app_buf_fixrscstab
7960. ; +28: _app_size_lastpage
7961.  
7962. locret_13A2A:
7963. retn
7964. load_extrn_exec_header endp
7965.  
7966.  
7967. ; =============== S U B R O U T I N E =======================================
7968.  
7969.  
7970. search_for_le proc near
7971. mov edx, _lobufzero
7972. mov ecx, _lobufsize
7973. call load_gs_block
7974. test ax, ax
7975. mov ax, 3003h
7976. jz file_error
7977. shr cx, 1
7978.  
7979. loc_13A43:
7980. mov ax, gs:[edx]
7981. mov bx, gs:[edx+2]
7982. test bx, bx
7983. jnz short loc_13A64
7984. cmp ax, 'EL'
7985. jz short locret_13A70
7986. cmp ax, 'XL'
7987. jz short locret_13A70
7988. cmp ax, 'CL'
7989. jz short locret_13A70
7990. cmp ax, 'PE'
7991. jz short locret_13A70
7992.  
7993. loc_13A64:
7994. add edx, 2
7995. add ebp, 2
7996. loop loc_13A43
7997. jmp short search_for_le
7998. ; ---------------------------------------------------------------------------
7999.  
8000. locret_13A70:
8001. retn
8002. search_for_le endp
8003.  
8004.  
8005. ; =============== S U B R O U T I N E =======================================
8006.  
8007.  
8008. close_exec proc near
8009. mov bx, word ptr cs:aThisProgramRequ+4 ; +4: _exec_handle
8010. ; +8: _exec_start
8011. ; +C: _srcaddr
8012. ; +10: _codesize
8013. ; +14: _app_num_objects
8014. ; +18: _app_off_objects
8015. ; +1C: _app_off_pagetab
8016. ; +20: _app_off_fixpagetab
8017. ; +24: _app_off_fixrectab
8018. mov ah, 3Eh
8019. int 21h ; DOS - 2+ - CLOSE A FILE WITH HANDLE
8020. ; BX = file handle
8021. retn
8022. close_exec endp
8023.  
8024.  
8025. ; =============== S U B R O U T I N E =======================================
8026.  
8027.  
8028. seek_from_start proc near
8029. push bx
8030. push ecx
8031. push edx
8032. push eax
8033. mov ecx, edx
8034. shr ecx, 10h
8035. mov bx, word ptr cs:aThisProgramRequ+4 ; +4: _exec_handle
8036. ; +8: _exec_start
8037. ; +C: _srcaddr
8038. ; +10: _codesize
8039. ; +14: _app_num_objects
8040. ; +18: _app_off_objects
8041. ; +1C: _app_off_pagetab
8042. ; +20: _app_off_fixpagetab
8043. ; +24: _app_off_fixrectab
8044. mov ax, 4200h
8045. int 21h ; DOS - 2+ - MOVE FILE READ/WRITE POINTER (LSEEK)
8046. ; AL = method: offset from beginning of file
8047. pop eax
8048. pop edx
8049. pop ecx
8050. pop bx
8051. jb file_errorm
8052. retn
8053. seek_from_start endp
8054.  
8055.  
8056. ; =============== S U B R O U T I N E =======================================
8057.  
8058.  
8059. load_fs_block proc near
8060. push bx
8061. push ds
8062. push fs
8063. pop ds
8064. assume ds:nothing
8065. jmp short loc_13AAB
8066. load_fs_block endp
8067.  
8068.  
8069. ; =============== S U B R O U T I N E =======================================
8070.  
8071.  
8072. load_gs_block proc near
8073. push bx
8074. push ds
8075. push gs
8076. pop ds
8077.  
8078. loc_13AAB: ; +4: _exec_handle
8079. mov bx, word ptr cs:aThisProgramRequ+4 ; +8: _exec_start
8080. ; +C: _srcaddr
8081. ; +10: _codesize
8082. ; +14: _app_num_objects
8083. ; +18: _app_off_objects
8084. ; +1C: _app_off_pagetab
8085. ; +20: _app_off_fixpagetab
8086. ; +24: _app_off_fixrectab
8087. mov ah, 3Fh
8088. int 21h ; DOS - 2+ - READ FROM FILE WITH HANDLE
8089. ; BX = file handle, CX = number of bytes to read
8090. ; DS:DX -> buffer
8091. pop ds
8092. assume ds:TEXT16
8093. pop bx
8094. jb file_errorm
8095. retn
8096. load_gs_block endp
8097.  
8098.  
8099. ; =============== S U B R O U T I N E =======================================
8100.  
8101.  
8102. verbose_getmem proc near
8103. pop bp
8104. mov ax, 0FF90h
8105. int 21h ; DOS - DOS v??? - OEM FUNCTION
8106. shr eax, 0Ah
8107. test eax, 0FFFF0000h
8108. mov dx, offset aKb ; "KB"
8109. jz short loc_13AD7
8110. mov dx, offset aMb ; "MB"
8111. shr eax, 0Ah
8112.  
8113. loc_13AD7:
8114. push dx
8115. push ax
8116. mov ah, 48h ; 'H'
8117. mov bx, 0FFFFh
8118. int 21h ; DOS - 2+ - ALLOCATE MEMORY
8119. ; BX = number of 16-byte paragraphs desired
8120. shr bx, 6
8121. push bx
8122. jmp bp
8123. verbose_getmem endp ; sp-analysis failed
8124.  
8125.  
8126. ; =============== S U B R O U T I N E =======================================
8127.  
8128.  
8129. verbose_showsys proc near
8130. test _misc_byte_2, 10h
8131. jz short locret_13B15
8132. call verbose_getmem
8133. movzx eax, _sys_type
8134. lea eax, systypes.str[eax+eax*4]
8135. push ax
8136. movzx ax, _cpu_type
8137. imul ax, 100
8138. add ax, 86
8139. push ax
8140. mov dx, offset aProcessorDSyste ; "Processor: %d, System: %s, Memory: DOS="...
8141. call prints
8142. add sp, 0Ah
8143.  
8144. locret_13B15:
8145. retn
8146. verbose_showsys endp ; sp-analysis failed
8147.  
8148.  
8149. ; =============== S U B R O U T I N E =======================================
8150.  
8151.  
8152. verbose_showloadhdr proc near
8153. test _misc_byte_2, 10h
8154. jz short locret_13B39
8155. movzx eax, byte ptr aSystemSoftwareD+3 ; +3: _app_type
8156. ; +4: _app_load
8157. lea eax, header_types.field_0[eax+eax*2]
8158. push ax
8159. push offset start
8160. mov dx, offset aLoadingProgramS ; "Loading program \"%s\", %s-style\r\n"
8161. call prints
8162. add sp, 4
8163.  
8164. locret_13B39:
8165. retn
8166. verbose_showloadhdr endp
8167.  
8168.  
8169. ; =============== S U B R O U T I N E =======================================
8170.  
8171.  
8172. verbose_showloadobj proc near
8173. test _misc_byte_2, 10h
8174. jz short locret_13B61
8175. pushad
8176. mov ax, dx
8177. shr edx, 10h
8178. shl ebx, 0Ch
8179. push dx
8180. push ax
8181. push ebp
8182. push ebx
8183. push edi
8184. push cx
8185. mov dx, offset aObjectDLoadedAt ; "Object #%d loaded at %l, V/Psize: %l/%l"...
8186. call prints
8187. add sp, 12h
8188. popad
8189.  
8190. locret_13B61:
8191. retn
8192. verbose_showloadobj endp
8193.  
8194.  
8195. ; =============== S U B R O U T I N E =======================================
8196.  
8197.  
8198. verbose_showstartup proc near
8199. test _misc_byte_2, 10h
8200. jz short locret_13BA6
8201. push _seg_env
8202. push word ptr es:2Ch
8203. push _sel_es
8204. call verbose_getmem
8205. mov eax, dword ptr a80386ProcessorO+10h ; +0: _app_off_datapages
8206. ; +4: _app_off_pageshift
8207. ; +8: _app_eip_object
8208. ; +C: _app_esp_object
8209. ; +10: _app_eip
8210. ; +14: _app_esp
8211. ; +18: _unreloc_eip
8212. ; +20: _app_siz_fixrectab
8213. ; +24: _app_buf_fixrscstab
8214. ; +28: _app_size_lastpage
8215. sub eax, dword ptr a80386ProcessorO+18h ; +0: _app_off_datapages
8216. ; +4: _app_off_pageshift
8217. ; +8: _app_eip_object
8218. ; +C: _app_esp_object
8219. ; +10: _app_eip
8220. ; +14: _app_esp
8221. ; +18: _unreloc_eip
8222. ; +20: _app_siz_fixrectab
8223. ; +24: _app_buf_fixrscstab
8224. ; +28: _app_size_lastpage
8225. push eax
8226. push word ptr a80386ProcessorO+8 ; +0: _app_off_datapages
8227. ; +4: _app_off_pageshift
8228. ; +8: _app_eip_object
8229. ; +C: _app_esp_object
8230. ; +10: _app_eip
8231. ; +14: _app_esp
8232. ; +18: _unreloc_eip
8233. ; +20: _app_siz_fixrectab
8234. ; +24: _app_buf_fixrscstab
8235. ; +28: _app_size_lastpage
8236. push offset aUnrelocated ; "Unrelocated"
8237. push large [dword ptr a80386ProcessorO+14h] ; +0: _app_off_datapages
8238. ; +4: _app_off_pageshift
8239. ; +8: _app_eip_object
8240. ; +C: _app_esp_object
8241. ; +10: _app_eip
8242. ; +14: _app_esp
8243. ; +18: _unreloc_eip
8244. ; +20: _app_siz_fixrectab
8245. ; +24: _app_buf_fixrscstab
8246. ; +28: _app_size_lastpage
8247. push _sel32_ss
8248. push large [dword ptr a80386ProcessorO+10h] ; +0: _app_off_datapages
8249. ; +4: _app_off_pageshift
8250. ; +8: _app_eip_object
8251. ; +C: _app_esp_object
8252. ; +10: _app_eip
8253. ; +14: _app_esp
8254. ; +18: _unreloc_eip
8255. ; +20: _app_siz_fixrectab
8256. ; +24: _app_buf_fixrscstab
8257. ; +28: _app_size_lastpage
8258. push _sel32_cs
8259. mov dx, offset aStartupCsEipWLS ; "Startup CS:EIP=%w:%l, SS:ESP=%w:%l, %s "...
8260. call prints
8261. add sp, 20h
8262.  
8263. locret_13BA6:
8264. retn
8265. verbose_showstartup endp ; sp-analysis failed
8266.  
8267.  
8268. ; =============== S U B R O U T I N E =======================================
8269.  
8270.  
8271. win_focus_vm proc near
8272. test _misc_byte_2, 2
8273. jz short locret_13BB5
8274. xor bx, bx
8275. mov ax, 168Bh
8276. int 2Fh ; - Multiplex - MS WINDOWS - SET FOCUS TO SPECIFIED VIRTUAL MACHINE
8277. ; BX = virtual machine id (0 - for current DOS box)
8278.  
8279. locret_13BB5:
8280. retn
8281. win_focus_vm endp
8282.  
8283.  
8284. ; =============== S U B R O U T I N E =======================================
8285.  
8286.  
8287. critical_handler proc near
8288. cli
8289. cld
8290. mov ds, cs:_sel_ds
8291. lss esp, fword ptr _sel_esp
8292. push ax
8293. mov al, 20h ; ' '
8294. out 0A0h, al ; PIC 2 same as 0020 for PIC 1
8295. out 20h, al ; Interrupt controller, 8259A.
8296. mov ax, _pic_mask
8297. out 0A1h, al ; Interrupt Controller #2, 8259A
8298. mov al, ah
8299. out 21h, al ; Interrupt controller, 8259A.
8300. call restore_pit
8301. call restore_inttab
8302. call tone
8303. call scr_on
8304. pop dx
8305. mov ax, 6001h
8306. cmp dh, 81h ; ''
8307. jz short @@arg_dl
8308. mov al, 2
8309. cmp dh, 82h ; '‚'
8310. jz short @@report
8311. mov al, 3
8312. cmp dh, 83h ; 'ƒ'
8313. jz short @@report
8314. mov al, 4
8315. cmp dh, 84h ; '„'
8316. jz short @@arg_esi
8317. mov al, 5
8318. cmp dh, 85h ; '…'
8319. jz short @@report
8320. mov al, 0
8321.  
8322. @@arg_dl:
8323. movzx si, dl
8324. jmp short @@report
8325. ; ---------------------------------------------------------------------------
8326.  
8327. @@arg_esi:
8328. rol esi, 10h
8329. mov di, si
8330. shr esi, 10h
8331.  
8332. @@report:
8333. call report_error
8334. mov al, 0FFh
8335. jmp exit386
8336. critical_handler endp
8337.  
8338. ; ---------------------------------------------------------------------------
8339.  
8340. eh00:
8341. push 0
8342. jmp short eh_common
8343. ; ---------------------------------------------------------------------------
8344.  
8345. eh01:
8346. push 1
8347. jmp short eh_debug
8348. ; ---------------------------------------------------------------------------
8349.  
8350. eh02:
8351. push 2
8352. jmp short eh_common
8353. ; ---------------------------------------------------------------------------
8354.  
8355. eh03:
8356. push 3
8357. jmp short eh_debug
8358. ; ---------------------------------------------------------------------------
8359.  
8360. eh04:
8361. push 4
8362. jmp short eh_common
8363. ; ---------------------------------------------------------------------------
8364.  
8365. eh05:
8366. push 5
8367. jmp short eh_common
8368. ; ---------------------------------------------------------------------------
8369.  
8370. eh06:
8371. push 6
8372. jmp short eh_common
8373. ; ---------------------------------------------------------------------------
8374.  
8375. eh07:
8376. push 7
8377. jmp short eh_common
8378. ; ---------------------------------------------------------------------------
8379.  
8380. eh08:
8381. push 8
8382. jmp short eh_common
8383. ; ---------------------------------------------------------------------------
8384.  
8385. eh09:
8386. push 9
8387. jmp short eh_common
8388. ; ---------------------------------------------------------------------------
8389.  
8390. eh0A:
8391. push 0Ah
8392. jmp short eh_common
8393. ; ---------------------------------------------------------------------------
8394.  
8395. eh0B:
8396. push 0Bh
8397. jmp short eh_common
8398. ; ---------------------------------------------------------------------------
8399.  
8400. eh0C:
8401. push 0Ch
8402. jmp short eh_common
8403. ; ---------------------------------------------------------------------------
8404.  
8405. eh0D:
8406. push 0Dh
8407. jmp short eh_common
8408. ; ---------------------------------------------------------------------------
8409.  
8410. eh0E:
8411. push 0Eh
8412. jmp short eh_common
8413.  
8414. ; =============== S U B R O U T I N E =======================================
8415.  
8416.  
8417. eh_debug proc near
8418.  
8419. arg_15 = byte ptr 17h
8420.  
8421. cmp cs:_sys_type, 3
8422. jz short loc_13C6C
8423. push eax
8424. mov eax, dr6
8425. and al, 0Fh
8426. pop eax
8427. jnz short eh_common
8428.  
8429. loc_13C6C:
8430. add esp, 2
8431. and [esp-2+arg_15], 0FEh
8432. db 66h
8433. retf
8434. eh_debug endp ; sp-analysis failed
8435.  
8436.  
8437. ; =============== S U B R O U T I N E =======================================
8438.  
8439.  
8440. eh_common proc near
8441. cli
8442. cld
8443. push ax
8444. mov ax, ds
8445. mov ds, cs:_sel_ds
8446. mov word ptr aPresentDpmiHost+12h, ax
8447. pop ax
8448. pop word ptr aPresentDpmiHost+16h
8449. mov word ptr aPresentDpmiHost+0Eh, ss
8450. mov dword ptr aPresentDpmiHost+0Ah, esp
8451. lss esp, fword ptr _sel_esp
8452. push word ptr aPresentDpmiHost+12h
8453. push es
8454. push fs
8455. push gs
8456. pushad
8457. mov es, word ptr aPresentDpmiHost+0Eh
8458. mov ebp, dword ptr aPresentDpmiHost+0Ah
8459. mov eax, es:[ebp+8]
8460. mov dword ptr aSystemSoftwareD+37h, eax ; +3: _app_type
8461. ; +4: _app_load
8462. mov eax, es:[ebp+14h]
8463. mov dword ptr aSystemSoftwareD+33h, eax ; +3: _app_type
8464. ; +4: _app_load
8465. mov ax, es:[ebp+10h]
8466. call check_selector
8467. mov fs, ax
8468. assume fs:nothing
8469. mov ax, es:[ebp+1Ch]
8470. call check_selector
8471. mov gs, ax
8472. assume gs:nothing
8473. mov esi, es:[ebp+0Ch]
8474. mov edi, es:[ebp+18h]
8475. xor eax, eax
8476. mov dword ptr aSystemSoftwareD+23h, eax ; +3: _app_type
8477. ; +4: _app_load
8478. mov dword ptr aSystemSoftwareD+27h, eax ; +3: _app_type
8479. ; +4: _app_load
8480. mov dword ptr aSystemSoftwareD+2Bh, eax ; +3: _app_type
8481. ; +4: _app_load
8482. mov dword ptr aSystemSoftwareD+2Fh, eax ; +3: _app_type
8483. ; +4: _app_load
8484. cmp _sys_type, 3
8485. jz short loc_13D17
8486. mov eax, cr0
8487. mov dword ptr aSystemSoftwareD+23h, eax ; +3: _app_type
8488. ; +4: _app_load
8489. mov eax, cr2
8490. mov dword ptr aSystemSoftwareD+27h, eax ; +3: _app_type
8491. ; +4: _app_load
8492. mov eax, cr3
8493. mov dword ptr aSystemSoftwareD+2Bh, eax ; +3: _app_type
8494. ; +4: _app_load
8495. mov eax, dr6
8496. mov dword ptr aSystemSoftwareD+2Fh, eax ; +3: _app_type
8497. ; +4: _app_load
8498.  
8499. loc_13D17:
8500. mov ebp, esp
8501. mov al, 20h ; ' '
8502. out 0A0h, al ; PIC 2 same as 0020 for PIC 1
8503. out 20h, al ; Interrupt controller, 8259A.
8504. mov ax, _pic_mask
8505. out 0A1h, al ; Interrupt Controller #2, 8259A
8506. mov al, ah
8507. out 21h, al ; Interrupt controller, 8259A.
8508. call restore_pit
8509. call restore_inttab
8510. call tone
8511. call scr_on
8512. call dump_description
8513. call dump_description2
8514. push _process_id
8515. push offset start
8516. mov dx, offset aModuleNameSProc ; "Module name: \"%s\", ProcessId=%w\r\n"
8517. call prints
8518. add sp, 4
8519. call dump_origin
8520. call dump_eflags
8521. call dump_opcodes
8522. call dump_regs
8523. call dump_selectors
8524. mov al, -1
8525. jmp exit386
8526. eh_common endp
8527.  
8528.  
8529. ; =============== S U B R O U T I N E =======================================
8530.  
8531.  
8532. dump_description proc near
8533. mov eax, dword ptr aSystemSoftwareD+2Fh ; +3: _app_type
8534. ; +4: _app_load
8535. and al, 0Fh
8536. jz short loc_13D78
8537. call check_faultsel
8538. push esi
8539. push fs
8540. mov dx, offset aNullPointerProt ; "Null-pointer protection at %w:%l\r\n"
8541. call prints
8542. add sp, 6
8543. retn
8544. ; ---------------------------------------------------------------------------
8545.  
8546. loc_13D78:
8547. push 6001h
8548. mov dx, offset aDos32aweRunTim ; "DOS32AWE run-time (%w): "
8549. call prints
8550. pop ax
8551. mov ebx, -2
8552. call loadl_cs_eip
8553. mov bl, 0CDh
8554. mov bh, byte ptr aPresentDpmiHost+16h
8555. cmp ax, bx
8556. mov cx, offset aException ; "exception"
8557. jnz short loc_13D9B
8558. mov cx, offset aUnexpectedInter ; "unexpected interrupt"
8559.  
8560. loc_13D9B:
8561. mov ax, word ptr aPresentDpmiHost+16h
8562. mov bx, ax
8563. add bx, bx
8564. push esi
8565. push fs
8566. push i_msg[bx]
8567. push ax
8568. push cx
8569. mov dx, offset aSBhIdentitySAtW ; "%s %bh\r\nIdentity: %s at %w:%l\r\n"
8570. call prints
8571. add sp, 0Ch
8572. retn
8573. dump_description endp
8574.  
8575.  
8576. ; =============== S U B R O U T I N E =======================================
8577.  
8578.  
8579. dump_description2 proc near
8580. call check_faultsel
8581. push eax
8582. push cx
8583. mov ax, offset aLinear ; "Linear"
8584. jb short loc_13DC4
8585. mov ax, offset aUnrelocated ; "Unrelocated"
8586.  
8587. loc_13DC4:
8588. push ax
8589. mov dx, offset aSCrashAddressDL ; "%s crash address %d:%l"
8590. call prints
8591. add sp, 8
8592. mov ax, word ptr aPresentDpmiHost+16h
8593. cmp al, 8
8594. jb short loc_13DEB
8595. cmp al, 9
8596. jz short loc_13DDD
8597. cmp al, 0Eh
8598. ja short loc_13DEB
8599.  
8600. loc_13DDD: ; +3: _app_type
8601. push large [dword ptr aSystemSoftwareD+37h] ; +4: _app_load
8602. mov dx, offset aErrorCodePushed ; ", error code pushed on stack %l"
8603. call prints
8604. add sp, 4
8605.  
8606. loc_13DEB:
8607. call printcr
8608. retn
8609. dump_description2 endp
8610.  
8611.  
8612. ; =============== S U B R O U T I N E =======================================
8613.  
8614.  
8615. dump_origin proc near
8616. mov al, '='
8617. mov cx, 72
8618.  
8619. loc_13DF4:
8620. call printc
8621. loop loc_13DF4
8622. mov ax, fs
8623. cmp ax, 8
8624. mov dx, offset aKernel ; "KERNEL="
8625. jz short loc_13E18
8626. cmp ax, _sel_cs
8627. mov dx, offset aClient ; "CLIENT="
8628. jz short loc_13E18
8629. cmp ax, _sel32_cs
8630. mov dx, offset aApp32 ; "APP/32="
8631. jz short loc_13E18
8632. mov dx, offset aApp?? ; "APP/??="
8633.  
8634. loc_13E18:
8635. call prints
8636. jmp printcr
8637. dump_origin endp
8638.  
8639.  
8640. ; =============== S U B R O U T I N E =======================================
8641.  
8642.  
8643. dump_eflags proc near
8644. mov cl, 8
8645. mov ebx, dword ptr aSystemSoftwareD+33h ; +3: _app_type
8646. ; +4: _app_load
8647. xor eax, eax
8648. xor edx, edx
8649.  
8650. loc_13E2B:
8651. shr bl, 1
8652. rcr eax, 4
8653. shr bh, 1
8654. rcr edx, 4
8655. loop loc_13E2B
8656. push eax
8657. push edx
8658. push large [dword ptr aSystemSoftwareD+33h] ; +3: _app_type
8659. ; +4: _app_load
8660. mov dx, offset aEflagsLL_L ; "EFLAGS = %l [%l.%l] "
8661. call prints
8662. add sp, 0Ch
8663. retn
8664. dump_eflags endp
8665.  
8666.  
8667. ; =============== S U B R O U T I N E =======================================
8668.  
8669.  
8670. dump_opcodes proc near
8671. mov cl, 0Ah
8672. mov ebx, 9
8673.  
8674. loc_13E54:
8675. call loadb_cs_eip
8676. push ax
8677. dec ebx
8678. loop loc_13E54
8679. mov dx, offset aCsEipBBBBBBBBBB ; "CS:[EIP] = %b %b %b %b %b %b %b %b %b %"...
8680. call prints
8681. add sp, 14h
8682. jmp printcr
8683. dump_opcodes endp ; sp-analysis failed
8684.  
8685.  
8686. ; =============== S U B R O U T I N E =======================================
8687.  
8688.  
8689. dump_regs proc near
8690. xor ebx, ebx
8691. call loadl_ss_esp
8692. push eax
8693. push large [dword ptr aSystemSoftwareD+2Fh] ; +3: _app_type
8694. ; +4: _app_load
8695. push large dword ptr [ebp+4]
8696. push large dword ptr [ebp+1Ch]
8697. mov dx, offset aEaxLEsiLDr6LSsE ; "EAX = %l ESI = %l DR6 = %l "...
8698. call prints
8699. add sp, 10h
8700. add bx, 4
8701. call loadl_ss_esp
8702. push eax
8703. push large [dword ptr aSystemSoftwareD+23h] ; +3: _app_type
8704. ; +4: _app_load
8705. push large dword ptr [ebp+0]
8706. push large dword ptr [ebp+10h]
8707. mov dx, offset aEbxLEdiLCr0LSsE ; "EBX = %l EDI = %l CR0 = %l "...
8708. call prints
8709. add sp, 10h
8710. add bx, 4
8711. call loadl_ss_esp
8712. push eax
8713. push large [dword ptr aSystemSoftwareD+27h] ; +3: _app_type
8714. ; +4: _app_load
8715. push large dword ptr [ebp+8]
8716. push large dword ptr [ebp+18h]
8717. mov dx, offset aEcxLEbpLCr2LSsE ; "ECX = %l EBP = %l CR2 = %l "...
8718. call prints
8719. add sp, 10h
8720. add bx, 4
8721. call loadl_ss_esp
8722. push eax
8723. push large [dword ptr aSystemSoftwareD+2Bh] ; +3: _app_type
8724. ; +4: _app_load
8725. push edi
8726. push large dword ptr [ebp+14h]
8727. mov dx, offset aEdxLEspLCr3LSsE ; "EDX = %l ESP = %l CR3 = %l "...
8728. call prints
8729. add sp, 10h
8730. retn
8731. dump_regs endp
8732.  
8733.  
8734. ; =============== S U B R O U T I N E =======================================
8735.  
8736.  
8737. dump_selectors proc near
8738. mov dx, offset aCsW ; "CS: = %w "
8739. mov ax, fs
8740. call describe_selector
8741. mov dx, offset aDsW ; "DS: = %w "
8742. mov ax, [ebp+26h]
8743. call describe_selector
8744. mov dx, offset aEsW ; "ES: = %w "
8745. mov ax, [ebp+24h]
8746. call describe_selector
8747. mov dx, offset aSsW ; "SS: = %w "
8748. mov ax, gs
8749. call describe_selector
8750. mov dx, offset aFsW ; "FS: = %w "
8751. mov ax, [ebp+22h]
8752. call describe_selector
8753. mov dx, offset aGsW ; "GS: = %w "
8754. mov ax, [ebp+20h]
8755. call describe_selector
8756. retn
8757. dump_selectors endp
8758.  
8759.  
8760. ; =============== S U B R O U T I N E =======================================
8761.  
8762.  
8763. describe_selector proc near
8764. push ax
8765. call prints
8766. pop ax
8767. test ax, ax
8768. jnz short loc_13F31
8769. mov dx, offset aNullSelector ; "NULL selector"
8770. call prints
8771. jmp printcr
8772. ; ---------------------------------------------------------------------------
8773.  
8774. loc_13F31:
8775. mov bx, ax
8776. sub sp, 8
8777. push ss
8778. pop es
8779. mov edi, esp
8780. mov ax, 0Bh
8781. int 31h ; DPMI Services ax=func xxxxh
8782. ; GET DESCRIPTOR
8783. ; BX = selector, ES:DI / ES:EDI -> 8-byte buffer for copy of descriptor
8784. ; Return: CF set on error
8785. ; CF clear if successful
8786. jnb short loc_13F4E
8787. add sp, 8
8788. mov dx, offset aInvalidSelector ; "Invalid selector"
8789. call prints
8790. jmp printcr
8791. ; ---------------------------------------------------------------------------
8792.  
8793. loc_13F4E:
8794. mov ax, es:[edi+5]
8795. mov dx, ax
8796. push ax
8797. shr al, 1
8798. and ax, 7
8799. push ax
8800. mov cl, dh
8801. shr cl, 6
8802. and cl, 1
8803. mov ax, 10h
8804. shl ax, cl
8805. push ax
8806. mov al, dl
8807. shr al, 3
8808. and eax, 1
8809. lea eax, selmsg8.str[eax+eax*4]
8810. push ax
8811. mov al, dh
8812. shr al, 7
8813. and eax, 1
8814. lea eax, selmsg9.str[eax+eax*4]
8815. push ax
8816. mov al, dh
8817. and eax, 0Fh
8818. shl eax, 10h
8819. mov ax, es:[edi]
8820. push eax
8821. mov ah, es:[edi+7]
8822. mov al, es:[edi+4]
8823. shl eax, 10h
8824. mov ax, es:[edi+2]
8825. push eax
8826. mov dx, offset aBaseLLimitLGrSS ; "Base=%l Limit=%l Gr=%s Seg=%s/%dbit Typ"...
8827. call prints
8828. add sp, 1Ah
8829. retn
8830. describe_selector endp
8831.  
8832.  
8833. ; =============== S U B R O U T I N E =======================================
8834.  
8835.  
8836. check_faultsel proc near
8837. mov ax, 6
8838. mov bx, fs
8839. int 31h ; DPMI Services ax=func xxxxh
8840. ; GET SEGMENT BASE ADDRESS
8841. ; BX = selector
8842. ; Return: CF set on error
8843. ; CF clear if successful, CX:DX = linear base address of segment
8844. shl ecx, 10h
8845. mov cx, dx
8846. lea eax, [ecx+esi]
8847. mov ecx, dword ptr aThisProgramRequ+14h ; +4: _exec_handle
8848. ; +8: _exec_start
8849. ; +C: _srcaddr
8850. ; +10: _codesize
8851. ; +14: _app_num_objects
8852. ; +18: _app_off_objects
8853. ; +1C: _app_off_pagetab
8854. ; +20: _app_off_fixpagetab
8855. ; +24: _app_off_fixrectab
8856. jcxz short loc_13FE4
8857.  
8858. loc_13FD8: ; also _app_buf_allocsel
8859. cmp bx, word ptr get_environ_config[ecx*2]
8860. jz short loc_13FE6
8861. loop loc_13FD8
8862.  
8863. loc_13FE4:
8864. stc
8865. retn
8866. ; ---------------------------------------------------------------------------
8867.  
8868. loc_13FE6:
8869. sub eax, dword ptr _app_buf_allocbase[ecx*4]
8870. clc
8871. retn
8872. check_faultsel endp
8873.  
8874.  
8875. ; =============== S U B R O U T I N E =======================================
8876.  
8877.  
8878. check_selector proc near
8879. lar bx, ax
8880. jnz short loc_14003
8881. verr ax
8882. jnz short loc_14003
8883. not bx
8884. test bh, 80h
8885. jnz short loc_14003
8886. retn
8887. ; ---------------------------------------------------------------------------
8888.  
8889. loc_14003:
8890. xor ax, ax
8891. retn
8892. check_selector endp
8893.  
8894.  
8895. ; =============== S U B R O U T I N E =======================================
8896.  
8897.  
8898. loadb_cs_eip proc near
8899. mov ax, fs
8900. test ax, ax
8901. jnz short loc_14010
8902. xor eax, eax
8903. retn
8904. ; ---------------------------------------------------------------------------
8905.  
8906. loc_14010:
8907. movzx eax, byte ptr fs:[esi+ebx]
8908. retn
8909. loadb_cs_eip endp
8910.  
8911.  
8912. ; =============== S U B R O U T I N E =======================================
8913.  
8914.  
8915. loadl_cs_eip proc near
8916. mov ax, fs
8917. test ax, ax
8918. jnz short loc_14022
8919. xor eax, eax
8920. retn
8921. ; ---------------------------------------------------------------------------
8922.  
8923. loc_14022:
8924. mov eax, fs:[esi+ebx]
8925. retn
8926. loadl_cs_eip endp
8927.  
8928.  
8929. ; =============== S U B R O U T I N E =======================================
8930.  
8931.  
8932. loadl_ss_esp proc near
8933. mov ax, gs
8934. test ax, ax
8935. jnz short loc_14033
8936. xor eax, eax
8937. retn
8938. ; ---------------------------------------------------------------------------
8939.  
8940. loc_14033:
8941. mov eax, gs:[edi+ebx]
8942. retn
8943. loadl_ss_esp endp
8944.  
8945.  
8946. ; =============== S U B R O U T I N E =======================================
8947.  
8948.  
8949. tone proc near
8950. push ax
8951. push cx
8952. mov ax, 500h
8953. mov cx, 110h
8954. call beep
8955. mov ax, 300h
8956. call beep
8957. pop cx
8958. pop ax
8959. retn
8960. tone endp
8961.  
8962.  
8963. ; =============== S U B R O U T I N E =======================================
8964.  
8965.  
8966. beep proc near
8967. test cs:_misc_byte_1, 2
8968. jnz short loc_14057
8969. retn
8970. ; ---------------------------------------------------------------------------
8971.  
8972. loc_14057:
8973. push cx
8974. push dx
8975. push ax
8976. mov al, 0B6h ; '¶'
8977. out 43h, al ; Timer 8253-5 (AT: 8254.2).
8978. pop ax
8979. out 42h, al ; Timer 8253-5 (AT: 8254.2).
8980. mov al, ah
8981. out 42h, al ; Timer 8253-5 (AT: 8254.2).
8982. in al, 61h ; PC/XT PPI port B bits:
8983. ; 0: Tmr 2 gate ÍËÍ OR 03H=spkr ON
8984. ; 1: Tmr 2 data ͼ AND 0fcH=spkr OFF
8985. ; 3: 1=read high switches
8986. ; 4: 0=enable RAM parity checking
8987. ; 5: 0=enable I/O channel check
8988. ; 6: 0=hold keyboard clock low
8989. ; 7: 0=enable kbrd
8990. or al, 3
8991. out 61h, al ; PC/XT PPI port B bits:
8992. ; 0: Tmr 2 gate ÍËÍ OR 03H=spkr ON
8993. ; 1: Tmr 2 data ͼ AND 0fcH=spkr OFF
8994. ; 3: 1=read high switches
8995. ; 4: 0=enable RAM parity checking
8996. ; 5: 0=enable I/O channel check
8997. ; 6: 0=hold keyboard clock low
8998. ; 7: 0=enable kbrd
8999.  
9000. loc_1406B: ; Timer 8253-5 (AT: 8254.2).
9001. in al, 40h
9002. in al, 40h ; Timer 8253-5 (AT: 8254.2).
9003. mov ah, al
9004.  
9005. loc_14071: ; Timer 8253-5 (AT: 8254.2).
9006. in al, 40h
9007. in al, 40h ; Timer 8253-5 (AT: 8254.2).
9008. cmp ah, al
9009. jz short loc_14071
9010. loop loc_1406B
9011. in al, 61h ; PC/XT PPI port B bits:
9012. ; 0: Tmr 2 gate ÍËÍ OR 03H=spkr ON
9013. ; 1: Tmr 2 data ͼ AND 0fcH=spkr OFF
9014. ; 3: 1=read high switches
9015. ; 4: 0=enable RAM parity checking
9016. ; 5: 0=enable I/O channel check
9017. ; 6: 0=hold keyboard clock low
9018. ; 7: 0=enable kbrd
9019. and al, 0FCh
9020. out 61h, al ; PC/XT PPI port B bits:
9021. ; 0: Tmr 2 gate ÍËÍ OR 03H=spkr ON
9022. ; 1: Tmr 2 data ͼ AND 0fcH=spkr OFF
9023. ; 3: 1=read high switches
9024. ; 4: 0=enable RAM parity checking
9025. ; 5: 0=enable I/O channel check
9026. ; 6: 0=hold keyboard clock low
9027. ; 7: 0=enable kbrd
9028. pop dx
9029. pop cx
9030. retn
9031. beep endp
9032.  
9033.  
9034. ; =============== S U B R O U T I N E =======================================
9035.  
9036.  
9037. scr_on proc near
9038. push ax
9039. push bx
9040. push cx
9041. push dx
9042. test cs:_misc_byte_1, 40h
9043. jz short loc_14095
9044. mov ax, 3
9045. int 10h ; - VIDEO - SET VIDEO MODE
9046. ; AL = mode
9047.  
9048. loc_14095:
9049. mov dx, 3C4h
9050. mov al, 1
9051. out dx, al ; EGA: sequencer address reg
9052. ; clocking mode. Data bits:
9053. ; 0: 1=8 dots/char; 0=9 dots/char
9054. ; 1: CRT bandwidth: 1=low; 0=high
9055. ; 2: 1=shift every char; 0=every 2nd char
9056. ; 3: dot clock: 1=halved
9057. inc dx
9058. in al, dx ; EGA port: sequencer data register
9059. and al, 0DFh
9060. out dx, al ; EGA port: sequencer data register
9061. pop dx
9062. pop cx
9063. pop bx
9064. pop ax
9065. retn
9066. scr_on endp
9067.  
9068.  
9069. ; =============== S U B R O U T I N E =======================================
9070.  
9071.  
9072. _int10 proc near
9073.  
9074. var_14 = dword ptr -14h
9075. var_C = dword ptr -0Ch
9076. var_8 = dword ptr -8
9077. var_4 = word ptr -4
9078. arg_E = dword ptr 10h
9079. arg_1A = dword ptr 1Ch
9080.  
9081. ; FUNCTION CHUNK AT 134E SIZE 0000012F BYTES
9082. ; FUNCTION CHUNK AT 149C SIZE 00000020 BYTES
9083.  
9084. cld
9085. push ds
9086. push es
9087. pushad
9088. cmp ah, 1Bh
9089. jz short v_1B
9090. cmp ah, 1Ch
9091. jz v_1C
9092. cmp ax, 4F00h
9093. jz v_4F00
9094. cmp ax, 4F01h
9095. jz v_4F00
9096. cmp ax, 4F04h
9097. jz v_4F04
9098. cmp ax, 4F09h
9099. jz v_4F09
9100. cmp ax, 4F0Ah
9101. jz v_4F0A
9102. popad
9103. pop es
9104. pop ds
9105. jmp large [fword ptr cs:_int10_._ip]
9106. ; ---------------------------------------------------------------------------
9107.  
9108. v_1B:
9109. sub esp, 32h
9110. mov ebp, esp
9111. mov [ebp+1Ch], ax
9112. mov [ebp+10h], bx
9113. mov ds, cs:_sel_ds
9114. mov ax, _seg_buf
9115. mov [ebp+22h], ax
9116. mov word ptr [ebp+0], 0
9117. call int10h
9118. mov ecx, 10h
9119. mov esi, _lobufbase
9120. rep movs dword ptr es:[edi], dword ptr [esi]
9121. movzx eax, word ptr [ebp+1Ch]
9122. movzx ebx, word ptr [ebp+10h]
9123. add esp, 32h
9124. mov [esp+24h+var_8], eax
9125. mov [esp+24h+var_14], ebx
9126. jmp @__ok
9127. ; ---------------------------------------------------------------------------
9128.  
9129. v_1C:
9130. test al, al
9131. jz short loc_14144
9132. cmp al, 1
9133. jz short loc_14163
9134. cmp al, 2
9135. jz short loc_1418D
9136. jmp loc_143AF
9137. ; ---------------------------------------------------------------------------
9138.  
9139. loc_14144:
9140. pushfd
9141. call large [fword ptr cs:_int10_._ip]
9142. movzx eax, ax
9143. movzx ebx, bx
9144. mov [esp+arg_1A], eax
9145. mov [esp+arg_E], ebx
9146. jmp @__ok
9147. ; ---------------------------------------------------------------------------
9148.  
9149. loc_14163:
9150. sub esp, 32h
9151. mov ebp, esp
9152. call @v_std
9153. call int10h
9154. mov esi, _lobufbase
9155. mov edi, ebx
9156. mov ax, 1C00h
9157. xor bx, bx
9158. int 10h ; - VIDEO - SAVE/RESTORE VIDEO STATE (PS50+,VGA)
9159. ; return state buffer size, return: BX = number of 64 byte blocks needed
9160. mov ecx, ebx
9161. shl ecx, 4
9162. rep movs dword ptr es:[edi], dword ptr [esi]
9163. jmp loc_1439C
9164. ; ---------------------------------------------------------------------------
9165.  
9166. loc_1418D:
9167. sub esp, 32h
9168. mov ebp, esp
9169. call @v_std
9170. mov esi, ebx
9171. mov edi, _lobufbase
9172. mov ax, 1C00h
9173. xor bx, bx
9174. int 10h ; - VIDEO - SAVE/RESTORE VIDEO STATE (PS50+,VGA)
9175. ; return state buffer size, return: BX = number of 64 byte blocks needed
9176. mov ecx, ebx
9177. shl ecx, 4
9178. push ds
9179. push es
9180. pop ds
9181. pop es
9182. rep movs dword ptr es:[edi], dword ptr [esi]
9183. call int10h
9184. jmp loc_1439C
9185. ; ---------------------------------------------------------------------------
9186.  
9187. v_4F00:
9188. sub esp, 32h
9189. mov ebp, esp
9190. mov [ebp+1Ch], ax
9191. mov [ebp+18h], cx
9192. mov dx, ax
9193. mov ds, cs:_sel_ds
9194. mov ax, _seg_buf
9195. mov [ebp+22h], ax
9196. mov word ptr [ebp+0], 0
9197. call int10h
9198. mov esi, _lobufbase
9199. test dl, dl
9200. mov ecx, 40h ; '@'
9201. jnz short loc_1421E
9202. lea ebx, [esi+6]
9203. call _int10_mod
9204. lea ebx, [esi+0Eh]
9205. call _int10_mod
9206. lea ebx, [esi+16h]
9207. call _int10_mod
9208. lea ebx, [esi+1Ah]
9209. call _int10_mod
9210. lea ebx, [esi+1Eh]
9211. call _int10_mod
9212. mov ecx, 80h ; '€'
9213.  
9214. loc_1421E:
9215. rep movs dword ptr es:[edi], dword ptr [esi]
9216. jmp loc_1439C
9217. _int10 endp
9218.  
9219.  
9220. ; =============== S U B R O U T I N E =======================================
9221.  
9222.  
9223. _int10_mod proc near
9224. movzx edx, word ptr [ebx]
9225. movzx eax, word ptr [ebx+2]
9226. shl eax, 4
9227. add eax, edx
9228. mov dx, [ebx+2]
9229. cmp dx, _seg_buf
9230. jnz short loc_14249
9231. sub eax, _lobufzero
9232. add eax, edi
9233.  
9234. loc_14249:
9235. mov [ebx], eax
9236. retn
9237. _int10_mod endp
9238.  
9239. ; ---------------------------------------------------------------------------
9240. ; START OF FUNCTION CHUNK FOR _int10
9241.  
9242. v_4F04:
9243. test dl, dl
9244. jz loc_14144
9245. cmp dl, 1
9246. jz short loc_14261
9247. cmp dl, 2
9248. jz short loc_1428D
9249. jmp loc_143AF
9250. ; ---------------------------------------------------------------------------
9251.  
9252. loc_14261:
9253. sub esp, 32h
9254. mov ebp, esp
9255. call @v_std
9256. call int10h
9257. mov esi, _lobufbase
9258. mov edi, ebx
9259. mov ax, 4F04h
9260. xor dl, dl
9261. xor bx, bx
9262. int 10h ; - VIDEO - VESA SuperVGA BIOS - SAVE/RESTORE SuperVGA VIDEO STATE
9263. ; DL = get state buffer size
9264. mov ecx, ebx
9265. shl ecx, 4
9266. rep movs dword ptr es:[edi], dword ptr [esi]
9267. jmp loc_1439C
9268. ; ---------------------------------------------------------------------------
9269.  
9270. loc_1428D:
9271. sub esp, 32h
9272. mov ebp, esp
9273. call @v_std
9274. mov esi, ebx
9275. mov edi, _lobufbase
9276. mov ax, 4F04h
9277. xor dl, dl
9278. xor bx, bx
9279. int 10h ; - VIDEO - VESA SuperVGA BIOS - SAVE/RESTORE SuperVGA VIDEO STATE
9280. ; DL = get state buffer size
9281. mov ecx, ebx
9282. shl ecx, 4
9283. push ds
9284. push es
9285. pop ds
9286. pop es
9287. rep movs dword ptr es:[edi], dword ptr [esi]
9288. call int10h
9289. jmp loc_1439C
9290. ; ---------------------------------------------------------------------------
9291.  
9292. v_4F09:
9293. cmp bl, 3
9294. jbe short loc_142C9
9295. cmp bl, 80h
9296. jnz loc_143AF
9297.  
9298. loc_142C9:
9299. sub esp, 32h
9300. mov ebp, esp
9301. mov [ebp+1Ch], ax
9302. mov [ebp+18h], cx
9303. mov [ebp+14h], dx
9304. mov [ebp+10h], bx
9305. mov ds, cs:_sel_ds
9306. mov ax, _seg_buf
9307. mov [ebp+22h], ax
9308. mov word ptr [ebp+0], 0
9309. test bl, bl
9310. jz short loc_14302
9311. dec bl
9312. jz short loc_14318
9313. dec bl
9314. jz short loc_14302
9315. dec bl
9316. jz short loc_14318
9317.  
9318. loc_14302:
9319. mov esi, edi
9320. mov edi, _lobufbase
9321. push ds
9322. push es
9323. pop ds
9324. pop es
9325. rep movs dword ptr es:[edi], dword ptr [esi]
9326. call int10h
9327. jmp loc_1439C
9328. ; ---------------------------------------------------------------------------
9329.  
9330. loc_14318:
9331. call int10h
9332. mov esi, _lobufbase
9333. rep movs dword ptr es:[edi], dword ptr [esi]
9334. jmp short loc_1439C
9335. ; ---------------------------------------------------------------------------
9336.  
9337. v_4F0A:
9338. sub esp, 32h
9339. mov ebp, esp
9340. mov [ebp+1Ch], ax
9341. mov [ebp+10h], bx
9342. call int10h
9343. movzx eax, word ptr [ebp+1Ch]
9344. movzx ecx, word ptr [ebp+18h]
9345. movzx edx, word ptr [ebp+22h]
9346. movzx edi, word ptr [ebp+0]
9347. cmp ax, 4Fh ; 'O'
9348. jnz short loc_1439C
9349. shl edx, 4
9350. add edi, edx
9351. add esp, 32h
9352. mov [esp+24h+var_8], eax
9353. mov [esp+24h+var_C], ecx
9354. mov [esp], edi
9355. mov ax, cs:_sel_zero
9356. mov [esp+24h+var_4], ax
9357. jmp @__ok
9358. ; END OF FUNCTION CHUNK FOR _int10
9359.  
9360. ; =============== S U B R O U T I N E =======================================
9361.  
9362.  
9363. @v_std proc near
9364. mov [ebp+1Ch], ax
9365. mov [ebp+18h], cx
9366. mov [ebp+14h], dx
9367. mov ds, cs:_sel_ds
9368. mov ax, _seg_buf
9369. mov [ebp+22h], ax
9370. mov word ptr [ebp+10h], 0
9371. retn
9372. @v_std endp
9373.  
9374. ; ---------------------------------------------------------------------------
9375. ; START OF FUNCTION CHUNK FOR _int10
9376.  
9377. loc_1439C:
9378. movzx eax, word ptr [ebp+1Ch]
9379. add esp, 32h
9380. mov [esp+24h+var_8], eax
9381. jmp @__ok
9382. ; ---------------------------------------------------------------------------
9383.  
9384. loc_143AF:
9385. mov [esp+24h+var_8], 0FFFFFFFFh
9386. jmp @__ok
9387. ; END OF FUNCTION CHUNK FOR _int10
9388.  
9389. ; =============== S U B R O U T I N E =======================================
9390.  
9391.  
9392. _int21 proc near
9393.  
9394. var_20 = dword ptr -20h
9395. var_1C = dword ptr -1Ch
9396. var_14 = dword ptr -14h
9397. var_10 = dword ptr -10h
9398. var_C = dword ptr -0Ch
9399. var_8 = dword ptr -8
9400. var_4 = word ptr -4
9401. var_2 = word ptr -2
9402. arg_6 = byte ptr 8
9403.  
9404. ; FUNCTION CHUNK AT 2047 SIZE 0000001F BYTES
9405. ; FUNCTION CHUNK AT 2128 SIZE 00000019 BYTES
9406. ; FUNCTION CHUNK AT 214D SIZE 0000000C BYTES
9407.  
9408. cld
9409. test cs:_sys_misc, 100h
9410. jnz loc_14522
9411. push ds
9412. push es
9413. pushad
9414. cmp ah, 9
9415. jz @__09h
9416. cmp ah, 1Ah
9417. jz @__1Ah
9418. cmp ah, 1Bh
9419. jz @__1Bh
9420. cmp ah, 1Ch
9421. jz @__1Bh
9422. cmp ah, 1Fh
9423. jz @__1Fh
9424. cmp ah, 25h ; '%'
9425. jz @__25h
9426. cmp ah, 2Fh ; '/'
9427. jz @__2Fh
9428. cmp ah, 31h ; '1'
9429. jz @__31h
9430. cmp ah, 32h ; '2'
9431. jz @__1Fh
9432. cmp ah, 34h ; '4'
9433. jz @__34h
9434. cmp ah, 35h ; '5'
9435. jz @__35h
9436. cmp ah, 39h ; '9'
9437. jz @__39h
9438. cmp ah, 3Ah ; ':'
9439. jz @__39h
9440. cmp ah, 3Bh ; ';'
9441. jz @__39h
9442. cmp ah, 3Ch ; '<'
9443. jz @__3Ch
9444. cmp ah, 3Dh ; '='
9445. jz @__3Ch
9446. cmp ah, 3Fh ; '?'
9447. jz @__3Fh
9448. cmp ah, 40h ; '@'
9449. jz @__40h
9450. cmp ah, 41h ; 'A'
9451. jz @__39h
9452. cmp ah, 42h ; 'B'
9453. jz @__42h
9454. cmp ah, 43h ; 'C'
9455. jz @__43h
9456. cmp ax, 4402h
9457. jz @__3Fh
9458. cmp ax, 4403h
9459. jz @__40h
9460. cmp ax, 4404h
9461. jz @__3Fh
9462. cmp ax, 4405h
9463. jz @__40h
9464. cmp ah, 47h ; 'G'
9465. jz @__47h
9466. cmp ah, 48h ; 'H'
9467. jz @__48h
9468. cmp ah, 49h ; 'I'
9469. jz @__49h
9470. cmp ah, 4Ah ; 'J'
9471. jz @__4Ah
9472. cmp ah, 4Bh ; 'K'
9473. jz @__4Bh
9474. cmp ah, 4Ch ; 'L'
9475. jz @__4Ch
9476. cmp ah, 4Eh ; 'N'
9477. jz @__4Eh
9478. cmp ah, 4Fh ; 'O'
9479. jz @__4Fh
9480. cmp ah, 51h ; 'Q'
9481. jz @__51h
9482. cmp ah, 56h ; 'V'
9483. jz @__56h
9484. cmp ah, 5Ah ; 'Z'
9485. jz @__39h
9486. cmp ah, 5Bh ; '['
9487. jz @__39h
9488. cmp ah, 62h ; 'b'
9489. jz @__62h
9490. cmp ah, 0FFh
9491. jz @__FFh
9492. cmp ah, 71h ; 'q'
9493. jnz short @__go21
9494. cmp al, 39h ; '9'
9495. jz @__39h
9496. cmp al, 3Ah ; ':'
9497. jz @__39h
9498. cmp al, 3Bh ; ';'
9499. jz @__39h
9500. cmp al, 41h ; 'A'
9501. jz @__39h
9502. cmp al, 43h ; 'C'
9503. jz @__43h
9504. cmp al, 47h ; 'G'
9505. jz @__47h
9506. cmp al, 56h ; 'V'
9507. jz @__56h
9508. cmp al, 60h ; '`'
9509. jz @_7160
9510. cmp al, 6Ch ; 'l'
9511. jz @_716C
9512.  
9513. @__go21:
9514. popad
9515. pop es
9516. pop ds
9517. jmp large [fword ptr cs:_int21_._ip]
9518. ; ---------------------------------------------------------------------------
9519.  
9520. loc_14522:
9521. mov ax, 4CFFh
9522. jmp @__4Ch
9523. ; ---------------------------------------------------------------------------
9524.  
9525. @__09h:
9526. push ds
9527. pop es
9528. assume es:TEXT16
9529. sub esp, 32h
9530. mov ebp, esp
9531. mov [ebp+1Ch], ax
9532. mov esi, edx
9533. mov edi, edx
9534. mov al, 24h ; '$'
9535. or ecx, 0FFFFFFFFh
9536. repne scas byte ptr es:[edi]
9537. not ecx
9538. mov es, cs:_sel_ds
9539. assume es:nothing
9540. mov edi, cs:_lobufbase
9541. rep movs byte ptr es:[edi], byte ptr [esi]
9542. stos byte ptr es:[edi]
9543. mov ax, cs:_seg_buf
9544. mov [ebp+24h], ax
9545. mov word ptr [ebp+14h], 0
9546. call int21h
9547. add esp, 32h
9548. jmp @__ok
9549. ; ---------------------------------------------------------------------------
9550.  
9551. @__1Ah:
9552. mov es, cs:_sel_ds
9553. assume es:TEXT16
9554. mov es:_app_dta_sel, ds
9555. mov es:_app_dta_ofs, edx
9556. sub esp, 32h
9557. mov ebp, esp
9558. mov [ebp+1Ch], ax
9559. mov ax, cs:_seg_dta
9560. mov [ebp+24h], ax
9561. mov word ptr [ebp+14h], 0
9562. call int21h
9563. add esp, 32h
9564. jmp @__ok
9565. ; ---------------------------------------------------------------------------
9566.  
9567. @__1Bh:
9568. call @__all
9569. mov byte ptr [esp+24h+var_8], al
9570. cmp al, 0FFh
9571. jz short loc_145D0
9572. mov [esp+24h+var_10], edx
9573. mov [esp+24h+var_C], ecx
9574. shl esi, 4
9575. add ebx, esi
9576. mov [esp+24h+var_14], ebx
9577. mov ax, cs:_sel_zero
9578. mov [esp+24h+var_2], ax
9579.  
9580. loc_145D0:
9581. jmp @__ok
9582. ; ---------------------------------------------------------------------------
9583.  
9584. @__1Fh:
9585. call @__all
9586. mov byte ptr [esp+24h+var_8], al
9587. cmp al, 0FFh
9588. jz short loc_145F5
9589. shl esi, 4
9590. add ebx, esi
9591. mov [esp+24h+var_14], ebx
9592. mov ax, cs:_sel_zero
9593. mov [esp+24h+var_2], ax
9594.  
9595. loc_145F5:
9596. jmp @__ok
9597. ; ---------------------------------------------------------------------------
9598.  
9599. @__25h:
9600. mov bl, al
9601. mov cx, ds
9602. mov ax, 205h
9603. int 31h ; DPMI Services ax=func xxxxh
9604. ; SET PROTECTED MODE INTERRUPT VECTOR
9605. ; BL = interrupt number, CX:DX / CX:EDX = selector:offset of handler
9606. ; Return: CF set on error
9607. ; CF clear if successful
9608. jb @__err
9609. jmp @__ok
9610. ; ---------------------------------------------------------------------------
9611.  
9612. @__2Fh:
9613. mov ax, cs:_app_dta_sel
9614. mov [esp+24h+var_4], ax
9615. mov eax, cs:_app_dta_ofs
9616. mov [esp+24h+var_14], eax
9617. jmp @__ok
9618. ; ---------------------------------------------------------------------------
9619.  
9620. @__31h:
9621. sub esp, 32h
9622. mov ebp, esp
9623. mov bx, cs:_membase
9624. add bx, cs:_buf_size
9625. sub bx, cs:_seg_es
9626. mov [ebp+1Ch], ax
9627. mov [ebp+14h], bx
9628. call int21h
9629. add esp, 32h
9630. jmp @__ok
9631. ; ---------------------------------------------------------------------------
9632.  
9633. @__34h:
9634. call @__all
9635. shl edi, 4
9636. add ebx, edi
9637. mov [esp+24h+var_14], ebx
9638. mov ax, cs:_sel_zero
9639. mov [esp+24h+var_4], ax
9640. jmp @__ok
9641. ; ---------------------------------------------------------------------------
9642.  
9643. @__35h:
9644. mov bl, al
9645. mov ax, 204h
9646. int 31h ; DPMI Services ax=func xxxxh
9647. ; GET PROTECTED MODE INTERRUPT VECTOR
9648. ; BL = interrupt number
9649. ; Return: CF set on error
9650. ; CF clear if successful, CX:DX / CX:EDX = selector:offset of handler
9651. mov [esp+24h+var_4], cx
9652. mov [esp+24h+var_14], edx
9653. jmp @__ok
9654. ; ---------------------------------------------------------------------------
9655.  
9656. @__39h:
9657. call @__std
9658. jz @__ok
9659. mov [esp+24h+var_8], eax
9660. jmp @__err
9661. ; ---------------------------------------------------------------------------
9662.  
9663. @__3Ch:
9664. call @__std
9665. mov [esp+24h+var_8], eax
9666. jz @__ok
9667. jmp @__err
9668. ; ---------------------------------------------------------------------------
9669.  
9670. @__3Fh:
9671. push ds
9672. pop es
9673. mov ds, cs:_sel_ds
9674. sub esp, 32h
9675. mov ebp, esp
9676. mov [ebp+10h], bx
9677. mov edi, edx
9678. mov ebx, ecx
9679. xor edx, edx
9680.  
9681. loc_146B3:
9682. mov [ebp+1Ch], ax
9683. mov ax, _seg_buf
9684. mov [ebp+24h], ax
9685. mov word ptr [ebp+14h], 0
9686. mov eax, ebx
9687. cmp eax, _lobufsize
9688. jbe short loc_146D2
9689. mov eax, _lobufsize
9690.  
9691. loc_146D2:
9692. mov [ebp+18h], ax
9693. call int21h
9694. movzx eax, word ptr [ebp+1Ch]
9695. test byte ptr [ebp+20h], 1
9696. jnz short loc_14712
9697. test ax, ax
9698. jz short loc_14705
9699. mov esi, _lobufbase
9700. call @__cp2
9701. add edx, eax
9702. cmp word ptr [ebp+10h], 0
9703. jz short loc_14705
9704. sub ebx, eax
9705. mov ax, [ebp+4Eh]
9706. ja short loc_146B3
9707.  
9708. loc_14705:
9709. add esp, 32h
9710. mov [esp+24h+var_8], edx
9711. jmp @__ok
9712. ; ---------------------------------------------------------------------------
9713.  
9714. loc_14712:
9715. add esp, 32h
9716. mov [esp+24h+var_8], eax
9717. jmp @__err
9718. ; ---------------------------------------------------------------------------
9719.  
9720. @__40h:
9721. mov es, cs:_sel_ds
9722. assume es:nothing
9723. sub esp, 32h
9724. mov ebp, esp
9725. mov [ebp+10h], bx
9726. mov esi, edx
9727. mov ebx, ecx
9728. xor edx, edx
9729.  
9730. loc_14738:
9731. mov [ebp+1Ch], ax
9732. mov ax, cs:_seg_buf
9733. mov [ebp+24h], ax
9734. mov word ptr [ebp+14h], 0
9735. mov eax, ebx
9736. cmp eax, cs:_lobufsize
9737. jbe short loc_1475A
9738. mov eax, cs:_lobufsize
9739.  
9740. loc_1475A:
9741. mov [ebp+18h], ax
9742. mov edi, cs:_lobufbase
9743. call @__cp2
9744. call int21h
9745. movzx eax, word ptr [ebp+1Ch]
9746. test byte ptr [ebp+20h], 1
9747. jnz short loc_14794
9748. test ax, ax
9749. jz short loc_14787
9750. add edx, eax
9751. sub ebx, eax
9752. mov ax, [ebp+4Eh]
9753. ja short loc_14738
9754.  
9755. loc_14787:
9756. add esp, 32h
9757. mov [esp+24h+var_8], edx
9758. jmp @__ok
9759. ; ---------------------------------------------------------------------------
9760.  
9761. loc_14794:
9762. add esp, 32h
9763. mov [esp+24h+var_8], eax
9764. jmp @__err
9765. ; ---------------------------------------------------------------------------
9766.  
9767. @__42h:
9768. call @__all
9769. mov [esp+24h+var_8], eax
9770. jnz @__err
9771. mov [esp+24h+var_10], edx
9772. jmp @__ok
9773. ; ---------------------------------------------------------------------------
9774.  
9775. @__43h:
9776. call @__std
9777. jz short loc_147C5
9778. mov [esp+24h+var_8], eax
9779. jmp @__err
9780. ; ---------------------------------------------------------------------------
9781.  
9782. loc_147C5:
9783. mov [esp+24h+var_C], ecx
9784. jmp @__ok
9785. ; ---------------------------------------------------------------------------
9786.  
9787. @__47h:
9788. sub esp, 32h
9789. mov ebp, esp
9790. mov [ebp+1Ch], ax
9791. mov [ebp+14h], dx
9792. mov ax, cs:_seg_buf
9793. mov [ebp+24h], ax
9794. mov word ptr [ebp+4], 0
9795. call int21h
9796. test byte ptr [ebp+20h], 1
9797. jnz short loc_14813
9798. push ds
9799. pop es
9800. assume es:TEXT16
9801. mov edi, esi
9802. mov ds, cs:_sel_ds
9803. mov esi, _lobufbase
9804.  
9805. loc_14804:
9806. lods byte ptr [esi]
9807. stos byte ptr es:[edi]
9808. test al, al
9809. jnz short loc_14804
9810. add esp, 32h
9811. jmp @__ok
9812. ; ---------------------------------------------------------------------------
9813.  
9814. loc_14813:
9815. movzx eax, word ptr [ebp+1Ch]
9816. add esp, 32h
9817. mov [esp+24h+var_8], eax
9818. jmp @__err
9819. ; ---------------------------------------------------------------------------
9820.  
9821. @__48h:
9822. mov ax, 100h
9823. int 31h ; DPMI Services ax=func xxxxh
9824. ; ALLOCATE DOS MEMORY BLOCK
9825. ; BX = number of paragraphs to allocate
9826. ; Return: CF set on error
9827. ; CF clear if successful
9828. jb short loc_1483A
9829. movzx edx, dx
9830. mov [esp+24h+var_8], edx
9831. jmp @__ok
9832. ; ---------------------------------------------------------------------------
9833.  
9834. loc_1483A:
9835. movzx eax, ax
9836. movzx ebx, bx
9837. mov [esp+24h+var_8], eax
9838. mov [esp+24h+var_14], ebx
9839. jmp @__err
9840. ; ---------------------------------------------------------------------------
9841.  
9842. @__49h:
9843. mov ax, 101h
9844. mov dx, es
9845. int 31h ; DPMI Services ax=func xxxxh
9846. ; FREE DOS MEMORY BLOCK
9847. ; DX = selector of block
9848. ; Return: CF set on error
9849. ; CF set if successful
9850. jnb short loc_14867
9851. movzx eax, ax
9852. mov [esp+24h+var_8], eax
9853. jmp @__err
9854. ; ---------------------------------------------------------------------------
9855.  
9856. loc_14867:
9857. mov [esp+24h+var_4], 0
9858. jmp @__ok
9859. ; ---------------------------------------------------------------------------
9860.  
9861. @__4Ah:
9862. mov ax, 102h
9863. mov dx, es
9864. int 31h ; DPMI Services ax=func xxxxh
9865. ; RESIZE DOS MEMORY BLOCK
9866. ; BX = new block size in paragraphs, DX = selector of block
9867. ; Return: CF set on error
9868. ; CF clear if successful
9869. jnb @__ok
9870. movzx eax, ax
9871. movzx ebx, bx
9872. mov [esp+24h+var_8], eax
9873. mov [esp+24h+var_14], ebx
9874. jmp @__err
9875. ; ---------------------------------------------------------------------------
9876.  
9877. @__4Bh:
9878. test al, al
9879. jnz @__err
9880. cmp cs:_lobufsize, 400h
9881. jb @__err
9882. sub esp, 32h
9883. mov ebp, esp
9884. mov [ebp+1Ch], ax
9885. push es
9886. mov es, cs:_sel_ds
9887. assume es:nothing
9888. mov edi, cs:_lobufbase
9889. mov esi, edx
9890. add edi, 100h
9891.  
9892. loc_148C8:
9893. lods byte ptr [esi]
9894. stos byte ptr es:[edi]
9895. test al, al
9896. jnz short loc_148C8
9897. pop es
9898. push ds
9899. push es
9900. mov esi, es:[ebx+6]
9901. mov edi, cs:_lobufbase
9902. mov ds, word ptr es:[ebx+0Ah]
9903. mov es, cs:_sel_ds
9904. add edi, 180h
9905. movzx ecx, byte ptr [esi]
9906. inc cx
9907. inc cx
9908. rep movs byte ptr es:[edi], byte ptr [esi]
9909. pop es
9910. pop ds
9911. push ds
9912. push es
9913. mov edi, es:[ebx]
9914. mov ax, es:[ebx+4]
9915. test ax, ax
9916. jz short loc_1493A
9917. mov es, ax
9918. xor ax, ax
9919. mov esi, edi
9920. or ecx, 0FFFFFFFFh
9921.  
9922. loc_14917:
9923. repne scas byte ptr es:[edi]
9924. dec ecx
9925. scas byte ptr es:[edi]
9926. jnz short loc_14917
9927. not ecx
9928. mov ax, 100h
9929. mov bx, cx
9930. shr bx, 4
9931. inc bx
9932. int 31h ; DPMI Services ax=func xxxxh
9933. ; ALLOCATE DOS MEMORY BLOCK
9934. ; BX = number of paragraphs to allocate
9935. ; Return: CF set on error
9936. ; CF clear if successful
9937. jb short loc_1496B
9938. push es
9939. pop ds
9940. mov es, dx
9941. assume es:TEXT16
9942. xor edi, edi
9943. rep movs byte ptr es:[edi], byte ptr [esi]
9944.  
9945. loc_1493A:
9946. mov ds, cs:_sel_ds
9947. mov edi, _lobufbase
9948. mov [edi], ax
9949. mov ax, _seg_buf
9950. mov word ptr [edi+2], 180h
9951. mov [edi+4], ax
9952. mov ax, _seg_es
9953. mov word ptr [edi+6], 5Ch ; '\'
9954. mov [edi+8], ax
9955. mov word ptr [edi+0Ah], 6Ch ; 'l'
9956. mov [edi+0Ch], ax
9957.  
9958. loc_1496B:
9959. pop es
9960. assume es:nothing
9961. pop ds
9962. jb short loc_149D5
9963. push dx
9964. mov ds, cs:_sel_ds
9965. mov ax, _seg_buf
9966. mov [ebp+22h], ax
9967. mov [ebp+24h], ax
9968. mov word ptr [ebp+10h], 0
9969. mov word ptr [ebp+14h], 100h
9970. cmp _sys_type, 3
9971. jz short loc_1499E
9972. mov eax, cr0
9973. mov edi, eax
9974. and al, 0FBh
9975. mov cr0, eax
9976.  
9977. loc_1499E:
9978. call uninstall_client_ints
9979. call int21h
9980. call install_client_ints
9981. cmp _sys_type, 3
9982. jz short loc_149B1
9983. mov cr0, edi
9984.  
9985. loc_149B1:
9986. pop dx
9987. mov ax, 101h
9988. int 31h ; DPMI Services ax=func xxxxh
9989. ; FREE DOS MEMORY BLOCK
9990. ; DX = selector of block
9991. ; Return: CF set on error
9992. ; CF set if successful
9993. movzx eax, word ptr [ebp+1Ch]
9994. test byte ptr [ebp+20h], 1
9995. lea esp, [esp+32h]
9996. mov [esp+24h+var_8], eax
9997. jnz @__err
9998. jmp @__ok
9999. ; ---------------------------------------------------------------------------
10000.  
10001. loc_149D5:
10002. add esp, 32h
10003. mov [esp+24h+var_8], 0FFFFFFFFh
10004. jmp @__err
10005. ; ---------------------------------------------------------------------------
10006.  
10007. @__4Ch:
10008. cli
10009. cld
10010. mov ds, cs:_sel_ds
10011. mov es, _sel_es
10012. lss esp, fword ptr _sel_esp
10013. push ax
10014. mov ax, _sel_env
10015. mov es:2Ch, ax
10016. cmp _sys_type, 3
10017. jz short loc_14A0C
10018. xor eax, eax
10019. mov dr7, eax
10020.  
10021. loc_14A0C:
10022. push es
10023. mov ax, 0Ch
10024. xor edx, edx
10025. mov cx, dx
10026. mov es, dx
10027. assume es:nothing
10028. int 33h ; - MS MOUSE - DEFINE INTERRUPT SUBROUTINE PARAMETERS
10029. ; CX = call mask, ES:DX -> FAR routine
10030. pop es
10031. assume es:nothing
10032. mov dx, _mus_backofs
10033. mov cx, _mus_backseg
10034. mov ax, cx
10035. or ax, dx
10036. jz short loc_14A2D
10037. mov ax, 304h
10038. int 31h ; DPMI Services ax=func xxxxh
10039. ; FREE REAL MODE CALL-BACK ADDRESS
10040. ; CX:DX = real mode call-back address
10041. ; Return: CF set on error
10042. ; CF clear if successful
10043.  
10044. loc_14A2D: ; +4: _exec_handle
10045. mov ecx, dword ptr aThisProgramRequ+14h ; +8: _exec_start
10046. ; +C: _srcaddr
10047. ; +10: _codesize
10048. ; +14: _app_num_objects
10049. ; +18: _app_off_objects
10050. ; +1C: _app_off_pagetab
10051. ; +20: _app_off_fixpagetab
10052. ; +24: _app_off_fixrectab
10053. jcxz short loc_14A43
10054.  
10055. loc_14A34:
10056. mov ax, 1
10057. mov bx, word ptr get_environ_config[ecx*2] ; also _app_buf_allocsel
10058. int 31h ; DPMI Services ax=func xxxxh
10059. ; FREE LDT DESCRIPTOR
10060. ; BX = selector to free
10061. ; Return: CF set on error
10062. ; CF clear if successful
10063. loop loc_14A34
10064.  
10065. loc_14A43:
10066. call check_inttab
10067. call restore_inttab
10068. call uninstall_client_ints
10069. mov ax, 1
10070. mov bx, cs:_sel_zero
10071. int 31h ; DPMI Services ax=func xxxxh
10072. ; FREE LDT DESCRIPTOR
10073. ; BX = selector to free
10074. ; Return: CF set on error
10075. ; CF clear if successful
10076. xor ax, ax
10077. mov fs, ax
10078. assume fs:nothing
10079. mov gs, ax
10080. assume gs:nothing
10081. pop ax
10082. jmp large [fword ptr cs:_int21_._ip]
10083. ; ---------------------------------------------------------------------------
10084.  
10085. @__4Eh:
10086. call @__std
10087. jnz short loc_14A8A
10088. mov ds, cs:_dta_sel
10089. mov esi, cs:_dta_ofs
10090. mov es, cs:_app_dta_sel
10091. mov edi, cs:_app_dta_ofs
10092. mov ecx, 2Bh ; '+'
10093. rep movs byte ptr es:[edi], byte ptr [esi]
10094. jmp @__ok
10095. ; ---------------------------------------------------------------------------
10096.  
10097. loc_14A8A:
10098. mov [esp+24h+var_8], eax
10099. jmp @__err
10100. ; ---------------------------------------------------------------------------
10101.  
10102. @__4Fh:
10103. mov ds, cs:_app_dta_sel
10104. mov esi, cs:_app_dta_ofs
10105. mov es, cs:_dta_sel
10106. mov edi, cs:_dta_ofs
10107. mov ecx, 2Bh ; '+'
10108. rep movs byte ptr es:[edi], byte ptr [esi]
10109. call @__all
10110. jnz short loc_14AD9
10111. mov ds, cs:_dta_sel
10112. mov esi, cs:_dta_ofs
10113. mov es, cs:_app_dta_sel
10114. mov edi, cs:_app_dta_ofs
10115. mov ecx, 2Bh ; '+'
10116. rep movs byte ptr es:[edi], byte ptr [esi]
10117. jmp @__ok
10118. ; ---------------------------------------------------------------------------
10119.  
10120. loc_14AD9:
10121. mov [esp+24h+var_8], eax
10122. jmp @__err
10123. ; ---------------------------------------------------------------------------
10124.  
10125. @__51h:
10126. movzx eax, cs:_seg_es
10127. mov [esp+24h+var_14], eax
10128. jmp @__ok
10129. ; ---------------------------------------------------------------------------
10130.  
10131. @__56h:
10132. sub esp, 32h
10133. mov ebp, esp
10134. mov [ebp+1Ch], ax
10135. or ecx, 0FFFFFFFFh
10136. xor al, al
10137. repne scas byte ptr es:[edi]
10138. not ecx
10139. sub edi, ecx
10140. mov esi, edi
10141. push ds
10142. push es
10143. pop ds
10144. mov es, cs:_sel_ds
10145. mov edi, cs:_lobufbase
10146. rep movs byte ptr es:[edi], byte ptr [esi]
10147. pop ds
10148. mov ecx, edi
10149. mov ebx, cs:_lobufbase
10150. sub ecx, ebx
10151. xchg ecx, ebx
10152. push ds
10153. pop es
10154. assume es:TEXT16
10155. mov esi, edx
10156. xchg esi, edi
10157. or ecx, 0FFFFFFFFh
10158. xor al, al
10159. repne scas byte ptr es:[edi]
10160. not ecx
10161. sub edi, ecx
10162. xchg esi, edi
10163. mov es, cs:_sel_ds
10164. assume es:nothing
10165. rep movs byte ptr es:[edi], byte ptr [esi]
10166. mov ax, cs:_seg_buf
10167. mov [ebp+24h], ax
10168. mov [ebp+22h], ax
10169. mov word ptr [ebp+0], 0
10170. mov [ebp+14h], bx
10171. call int21h
10172. jmp @__tst
10173. ; ---------------------------------------------------------------------------
10174.  
10175. @__62h:
10176. movzx eax, cs:_sel_es
10177. mov [esp+24h+var_14], eax
10178. jmp @__ok
10179. ; ---------------------------------------------------------------------------
10180.  
10181. @_7160:
10182. sub esp, 32h
10183. mov ebp, esp
10184. push es
10185. push edi
10186. mov [ebp+1Ch], ax
10187. mov [ebp+18h], cx
10188. mov es, cs:_sel_ds
10189. mov edi, cs:_lobufbase
10190. add edi, 200h
10191.  
10192. loc_14BA2:
10193. lods byte ptr [esi]
10194. stos byte ptr es:[edi]
10195. test al, al
10196. jnz short loc_14BA2
10197. mov ax, cs:_seg_buf
10198. mov [ebp+24h], ax
10199. mov [ebp+22h], ax
10200. mov word ptr [ebp+4], 200h
10201. mov word ptr [ebp+0], 0
10202. call int21h
10203. push es
10204. pop ds
10205. mov esi, cs:_lobufbase
10206. pop edi
10207. pop es
10208. test byte ptr [ebp+20h], 1
10209. jnz short loc_14BE6
10210.  
10211. loc_14BD7:
10212. lods byte ptr [esi]
10213. stos byte ptr es:[edi]
10214. test al, al
10215. jnz short loc_14BD7
10216. add esp, 32h
10217. jmp @__ok
10218. ; ---------------------------------------------------------------------------
10219.  
10220. loc_14BE6:
10221. movzx eax, word ptr [ebp+1Ch]
10222. add esp, 32h
10223. mov [esp+24h+var_8], eax
10224. jmp @__err
10225. ; ---------------------------------------------------------------------------
10226.  
10227. @_716C:
10228. sub esp, 32h
10229. mov ebp, esp
10230. mov [ebp+0], di
10231. mov [ebp+10h], bx
10232. mov [ebp+14h], dx
10233. mov [ebp+18h], cx
10234. mov [ebp+1Ch], ax
10235. mov ax, cs:_seg_buf
10236. mov [ebp+24h], ax
10237. mov word ptr [ebp+4], 0
10238. mov es, cs:_sel_ds
10239. mov edi, cs:_lobufbase
10240.  
10241. loc_14C2D:
10242. lods byte ptr [esi]
10243. stos byte ptr es:[edi]
10244. test al, al
10245. jnz short loc_14C2D
10246. call int21h
10247. movzx eax, word ptr [ebp+1Ch]
10248. movzx ecx, word ptr [ebp+18h]
10249. test byte ptr [ebp+20h], 1
10250. lea esp, [esp+32h]
10251. mov [esp+24h+var_8], eax
10252. jnz @__err
10253. mov [esp+24h+var_C], ecx
10254. jmp @__ok
10255. ; ---------------------------------------------------------------------------
10256.  
10257. @__FFh:
10258. cmp al, 88h ; 'ˆ'
10259. jz @_FF88
10260. cmp al, 89h ; '‰'
10261. jz @_FF89
10262. cmp al, 8Ah ; 'Š'
10263. jz @_FF8A
10264. cmp al, 8Dh ; ''
10265. jz @_FF8D
10266. cmp al, 8Eh ; 'Ž'
10267. jz @_FF8E
10268. cmp al, 8Fh ; ''
10269. jz @_FF8F
10270. cmp al, 80h ; '€'
10271. jz @_FF80
10272. cmp al, 90h ; ''
10273. jz @_FF90
10274. cmp al, 91h ; '‘'
10275. jz @_FF91
10276. cmp al, 92h ; '’'
10277. jz @_FF92
10278. cmp al, 93h ; '“'
10279. jz @_FF93
10280. cmp al, 94h ; '”'
10281. jz @_FF94
10282. cmp al, 95h ; '•'
10283. jz @_FF95
10284. cmp al, 96h ; '–'
10285. jz @_FF96
10286. cmp al, 97h ; '—'
10287. jz @_FF97
10288. cmp al, 98h ; '˜'
10289. jz @_FF98
10290. cmp al, 99h ; '™'
10291. jz @_FF99
10292. cmp al, 9Ah ; 'š'
10293. jz @_FF9A
10294. cmp dx, 78h ; 'x'
10295. jnz @__go21
10296. mov gs, cs:_sel_ds
10297. assume gs:nothing
10298. mov [esp+24h+var_8], 4734FFFFh
10299. jmp @__ok
10300. ; ---------------------------------------------------------------------------
10301.  
10302. @_FF88:
10303. sub esp, 32h
10304. mov ebp, esp
10305. mov [ebp+1Ch], ax
10306. call int21h
10307. mov eax, 'ID32'
10308. movzx ebx, cs:_version
10309. mov ecx, [ebp+18h]
10310. mov edx, [ebp+14h]
10311. mov esi, [ebp+4]
10312. mov edi, [ebp+0]
10313. mov ebp, [esp+56h+var_1C]
10314. add esp, 52h
10315. jmp @__exi
10316. ; ---------------------------------------------------------------------------
10317.  
10318. @_FF89:
10319. mov eax, 49443332h
10320. movzx esi, cs:_seg_id32
10321. shl esi, 4
10322. mov fs, cs:_sel_zero
10323. assume fs:nothing
10324. movzx ebx, cs:_version
10325. mov ecx, cs:_lobufsize
10326. movzx edx, word ptr cs:_misc_byte_1
10327. add esp, 20h
10328. jmp @__exi
10329. ; ---------------------------------------------------------------------------
10330.  
10331. @_FF8A:
10332. mov eax, 'ID32'
10333. movzx esi, cs:_seg_kernel
10334. shl esi, 4
10335. add esi, 0
10336. mov fs, cs:_sel_zero
10337. movzx ebx, cs:_version
10338. mov cl, cs:_cpu_type
10339. mov ch, cs:_sys_type
10340. mov dl, fs:[esi]
10341. add esp, 20h
10342. jmp @__exi
10343. ; ---------------------------------------------------------------------------
10344.  
10345. @_FF8D:
10346. push gs
10347. push ds
10348. pop gs
10349. assume gs:TEXT16
10350. mov ds, cs:_sel_ds
10351. call decompress
10352. mov eax, dword ptr aThisProgramRequ+10h ; +4: _exec_handle
10353. ; +8: _exec_start
10354. ; +C: _srcaddr
10355. ; +10: _codesize
10356. ; +14: _app_num_objects
10357. ; +18: _app_off_objects
10358. ; +1C: _app_off_pagetab
10359. ; +20: _app_off_fixpagetab
10360. ; +24: _app_off_fixrectab
10361. sub eax, edi
10362. pop gs
10363. assume gs:nothing
10364. mov [esp+24h+var_8], eax
10365. jmp @__ok
10366. ; ---------------------------------------------------------------------------
10367.  
10368. @_FF8E:
10369. mov gs, cs:_sel_ds
10370. mov edx, offset start
10371. mov esi, offset get_environ_config ; also _app_buf_allocsel
10372. mov edi, offset _misc_byte_1
10373. add esp, 20h
10374. jmp @__exi
10375. ; ---------------------------------------------------------------------------
10376.  
10377. @_FF8F:
10378. mov ds, cs:_sel_ds
10379. xchg ebx, _lobufsize
10380. mov [esp+24h+var_14], ebx
10381. jmp @__ok
10382. ; ---------------------------------------------------------------------------
10383.  
10384. @_FF80:
10385. mov es, cs:_sel_ds
10386. mov edi, cs:_lobufbase
10387. mov esi, edx
10388. mov dx, di
10389.  
10390. loc_14DED:
10391. lods byte ptr [esi]
10392. stosb
10393. test al, al
10394. jnz short loc_14DED
10395. push es
10396. pop ds
10397. mov word ptr a80386ProcessorO+38h, ss ; +0: _app_off_datapages
10398. ; +4: _app_off_pageshift
10399. ; +8: _app_eip_object
10400. ; +C: _app_esp_object
10401. ; +10: _app_eip
10402. ; +14: _app_esp
10403. ; +18: _unreloc_eip
10404. ; +20: _app_siz_fixrectab
10405. ; +24: _app_buf_fixrscstab
10406. ; +28: _app_size_lastpage
10407. mov dword ptr a80386ProcessorO+34h, esp ; +0: _app_off_datapages
10408. ; +4: _app_off_pageshift
10409. ; +8: _app_eip_object
10410. ; +C: _app_esp_object
10411. ; +10: _app_eip
10412. ; +14: _app_esp
10413. ; +18: _unreloc_eip
10414. ; +20: _app_siz_fixrectab
10415. ; +24: _app_buf_fixrscstab
10416. ; +28: _app_size_lastpage
10417. lss esp, fword ptr _sel_esp
10418. push ecx
10419. push ebx
10420. call prints
10421. lss esp, fword ptr a80386ProcessorO+34h ; +0: _app_off_datapages
10422. ; +4: _app_off_pageshift
10423. ; +8: _app_eip_object
10424. ; +C: _app_esp_object
10425. ; +10: _app_eip
10426. ; +14: _app_esp
10427. ; +18: _unreloc_eip
10428. ; +20: _app_siz_fixrectab
10429. ; +24: _app_buf_fixrscstab
10430. ; +28: _app_size_lastpage
10431. jmp @__ok
10432. ; ---------------------------------------------------------------------------
10433.  
10434. @_FF90:
10435. push ss
10436. pop es
10437. sub esp, 30h
10438. mov edi, esp
10439. mov ax, 500h
10440. int 31h ; DPMI Services ax=func xxxxh
10441. ; GET FREE MEMORY INFORMATION
10442. ; ES:DI / ES:EDI -> buffer for memory information
10443. ; Return: CF clear
10444. mov eax, [esp]
10445. add esp, 30h
10446. mov [esp+24h+var_8], eax
10447. jmp @__ok
10448. ; ---------------------------------------------------------------------------
10449.  
10450. @_FF91:
10451. call @_FF9x1
10452. mov ax, 501h
10453. int 31h ; DPMI Services ax=func xxxxh
10454. ; ALLOCATE MEMORY BLOCK
10455. ; BX:CX = size in bytes
10456. ; Return: CF set on error
10457. ; CF clear if successful
10458. jmp @_FF9x2
10459. ; ---------------------------------------------------------------------------
10460.  
10461. @_FF92:
10462. call @_FF9x1
10463. mov ax, 502h
10464. int 31h ; DPMI Services ax=func xxxxh
10465. ; FREE MEMORY BLOCK
10466. ; SI:DI = handle of memory block
10467. ; Return: CF set on error
10468. ; CF clear if successful
10469. jb @__err
10470. jmp @__ok
10471. ; ---------------------------------------------------------------------------
10472.  
10473. @_FF93:
10474. call @_FF9x1
10475. mov ax, 503h
10476. int 31h ; DPMI Services ax=func xxxxh
10477. ; RESIZE MEMORY BLOCK
10478. ; BX:CX = new size in bytes, SI:DI = handle of memory block
10479. ; Return: CF set on error
10480. ; CF clear if successful
10481. jmp @_FF9x2
10482. ; ---------------------------------------------------------------------------
10483.  
10484. @_FF94:
10485. mov ah, 48h ; 'H'
10486. mov bx, 0FFFFh
10487. call @__all
10488. shl ebx, 4
10489. mov [esp+24h+var_8], ebx
10490. jmp @__ok
10491. ; ---------------------------------------------------------------------------
10492.  
10493. @_FF95:
10494. add ebx, 0Fh
10495. shr ebx, 4
10496. test ebx, 0FFFF0000h
10497. jnz @__err
10498. test bx, bx
10499. jz @__err
10500. mov ah, 48h ; 'H'
10501. call @__all
10502. jnz @__err
10503. mov [esp+24h+var_20], eax
10504. shl eax, 4
10505. mov [esp+24h+var_14], eax
10506. jmp @__ok
10507. ; ---------------------------------------------------------------------------
10508.  
10509. @_FF96:
10510. sub esp, 32h
10511. mov ebp, esp
10512. mov byte ptr [ebp+1Dh], 49h ; 'I'
10513. mov [ebp+22h], si
10514. call int21h
10515. test byte ptr [ebp+20h], 1
10516. lea esp, [esp+32h]
10517. jnz @__err
10518. jmp @__ok
10519. ; ---------------------------------------------------------------------------
10520.  
10521. @_FF97:
10522. add ebx, 0Fh
10523. shr ebx, 4
10524. test ebx, 0FFFF0000h
10525. jnz @__err
10526. test bx, bx
10527. jz @__err
10528. sub esp, 32h
10529. mov ebp, esp
10530. mov byte ptr [ebp+1Dh], 4Ah ; 'J'
10531. mov [ebp+10h], bx
10532. mov [ebp+22h], si
10533. call int21h
10534. test byte ptr [ebp+20h], 1
10535. lea esp, [esp+32h]
10536. jnz @__err
10537. jmp @__ok
10538. ; ---------------------------------------------------------------------------
10539.  
10540. @_FF98:
10541. call @_FF9x1
10542. mov ax, 800h
10543. int 31h ; DPMI Services ax=func xxxxh
10544. ; PHYSICAL ADDRESS MAPPING
10545. ; BX:CX = physical address, SI:DI = size in bytes
10546. ; Return: CF set on error
10547. ; CF clear if successful
10548. ; BX:CX = linear address which maps the requested physical memory
10549. jb @__err
10550. jmp short loc_14F57
10551. ; ---------------------------------------------------------------------------
10552.  
10553. @_FF99:
10554. call @_FF9x1
10555. mov ax, 801h
10556. int 31h ; DPMI Services ax=func xxxxh
10557. ; free physical address mapping
10558. jb @__err
10559. jmp @__ok
10560. ; ---------------------------------------------------------------------------
10561.  
10562. @_FF9A:
10563. mov edi, ebx
10564. call set_descriptor
10565. jb @__err
10566. mov word ptr [esp+24h+var_8], ax
10567. jmp @__ok
10568. _int21 endp ; sp-analysis failed
10569.  
10570.  
10571. ; =============== S U B R O U T I N E =======================================
10572.  
10573.  
10574. @_FF9x1 proc near
10575. mov cx, bx
10576. shr ebx, 10h
10577. mov di, si
10578. shr esi, 10h
10579. retn
10580. @_FF9x1 endp
10581.  
10582. ; ---------------------------------------------------------------------------
10583. ; START OF FUNCTION CHUNK FOR _int21
10584.  
10585. @_FF9x2:
10586. jb @__err
10587. shl esi, 10h
10588. mov si, di
10589. mov [esp+24h+var_20], esi
10590.  
10591. loc_14F57:
10592. shl ebx, 10h
10593. mov bx, cx
10594. mov [esp+24h+var_14], ebx
10595. jmp @__ok
10596. ; END OF FUNCTION CHUNK FOR _int21
10597.  
10598. ; =============== S U B R O U T I N E =======================================
10599.  
10600.  
10601. @__cpy proc near
10602. push ds
10603. pop es
10604. assume es:TEXT16
10605. xor ax, ax
10606. mov esi, edx
10607. mov edi, edx
10608. or ecx, 0FFFFFFFFh
10609. repne scas byte ptr es:[edi]
10610. not ecx
10611. mov es, cs:_sel_ds
10612. assume es:nothing
10613. mov edi, cs:_lobufbase
10614. rep movs byte ptr es:[edi], byte ptr [esi]
10615. mov ax, cs:_seg_buf
10616. mov [ebp+24h], ax
10617. mov word ptr [ebp+14h], 0
10618. jmp int21h
10619. @__cpy endp
10620.  
10621.  
10622. ; =============== S U B R O U T I N E =======================================
10623.  
10624.  
10625. @__cp2 proc near
10626. mov ecx, eax
10627. shr cx, 2
10628. rep movs dword ptr es:[edi], dword ptr [esi]
10629. mov cl, al
10630. and cl, 3
10631. rep movs byte ptr es:[edi], byte ptr [esi]
10632. retn
10633. @__cp2 endp
10634.  
10635.  
10636. ; =============== S U B R O U T I N E =======================================
10637.  
10638.  
10639. @__std proc near
10640. sub esp, 32h
10641. mov ebp, esp
10642. mov [ebp+4], si
10643. mov [ebp+10h], bx
10644. mov [ebp+18h], cx
10645. mov [ebp+1Ch], ax
10646. call @__cpy
10647. movzx eax, word ptr [ebp+1Ch]
10648. movzx ecx, word ptr [ebp+18h]
10649. test byte ptr [ebp+20h], 1
10650. lea esp, [esp+32h]
10651. retn
10652. @__std endp
10653.  
10654.  
10655. ; =============== S U B R O U T I N E =======================================
10656.  
10657.  
10658. @__all proc near
10659. sub esp, 32h
10660. mov ebp, esp
10661. mov [ebp+10h], bx
10662. mov [ebp+14h], dx
10663. mov [ebp+18h], cx
10664. mov [ebp+1Ch], ax
10665. call int21h
10666. movzx eax, word ptr [ebp+1Ch]
10667. movzx ecx, word ptr [ebp+18h]
10668. movzx edx, word ptr [ebp+14h]
10669. movzx ebx, word ptr [ebp+10h]
10670. movzx edi, word ptr [ebp+22h]
10671. movzx esi, word ptr [ebp+24h]
10672. test byte ptr [ebp+20h], 1
10673. lea esp, [esp+32h]
10674. retn
10675. @__all endp
10676.  
10677. ; ---------------------------------------------------------------------------
10678. ; START OF FUNCTION CHUNK FOR _int21
10679.  
10680. @__tst:
10681. movzx eax, word ptr [ebp+1Ch]
10682. test byte ptr [ebp+20h], 1
10683. lea esp, [esp+32h]
10684. mov [esp+24h+var_8], eax
10685. jnz short @__err
10686. ; END OF FUNCTION CHUNK FOR _int21
10687. ; START OF FUNCTION CHUNK FOR _int33
10688.  
10689. @__ok:
10690. popad
10691.  
10692. @__exi:
10693. pop es
10694. pop ds
10695. and [esp+arg_6], 0FEh
10696. iretd
10697. ; END OF FUNCTION CHUNK FOR _int33
10698. ; ---------------------------------------------------------------------------
10699. ; START OF FUNCTION CHUNK FOR _int21
10700.  
10701. @__err:
10702. popad
10703. pop es
10704. pop ds
10705. or [esp+arg_6], 1
10706. iretd
10707. ; END OF FUNCTION CHUNK FOR _int21
10708.  
10709. ; =============== S U B R O U T I N E =======================================
10710.  
10711.  
10712. _int33 proc near
10713.  
10714. var_14 = word ptr -14h
10715. var_10 = dword ptr -10h
10716. var_8 = dword ptr -8
10717. var_4 = word ptr -4
10718. arg_6 = byte ptr 8
10719.  
10720. ; FUNCTION CHUNK AT 2141 SIZE 0000000C BYTES
10721. ; FUNCTION CHUNK AT 2306 SIZE 00000090 BYTES
10722.  
10723. cld
10724. push ds
10725. push es
10726. pushad
10727. cmp ax, 9
10728. jz short @__0009h
10729. cmp ax, 0Ch
10730. jz short @__000Ch
10731. cmp ax, 14h
10732. jz short @__0014h
10733. cmp ax, 16h
10734. jz @__0016h
10735. cmp ax, 17h
10736. jz @__0017h
10737. cmp ax, 18h
10738. jz @__0018h
10739. cmp ax, 19h
10740. jz @__0019h
10741. cmp ax, 20h
10742. jz @__0020h
10743. popad
10744. pop es
10745. pop ds
10746. jmp large [fword ptr cs:_int33_._ip]
10747. ; ---------------------------------------------------------------------------
10748.  
10749. @__0009h:
10750. push es
10751. pop ds
10752. sub esp, 32h
10753. mov ebp, esp
10754. mov esi, edx
10755. mov es, cs:_sel_zero
10756. movzx edi, cs:_seg_mus
10757. mov [ebp+1Ch], ax
10758. mov [ebp+18h], cx
10759. mov [ebp+10h], bx
10760. mov [ebp+22h], di
10761. mov word ptr [ebp+14h], 0
10762. shl edi, 4
10763. mov ecx, 10h
10764. rep movs dword ptr es:[edi], dword ptr [esi]
10765. call int33h
10766. add esp, 32h
10767. jmp @__ok
10768. ; ---------------------------------------------------------------------------
10769.  
10770. @__000Ch:
10771. call _mus_int_def
10772. jmp @__ok
10773. ; ---------------------------------------------------------------------------
10774.  
10775. @__0014h:
10776. mov si, cs:_mus_._cs
10777. mov edi, cs:_mus_._ip
10778. call _mus_int_def
10779. mov [esp+24h+var_10], edi
10780. mov [esp+24h+var_4], si
10781. jmp @__ok
10782. ; ---------------------------------------------------------------------------
10783.  
10784. @__0018h:
10785. call _mus_int_def
10786. mov [esp+24h+var_8], eax
10787. jmp @__ok
10788. ; ---------------------------------------------------------------------------
10789.  
10790. @__0019h:
10791. mov ax, cs:_mus_._cs
10792. mov edx, cs:_mus_._ip
10793. mov [esp+24h+var_10], edx
10794. mov [esp+24h+var_14], ax
10795. jmp @__ok
10796. _int33 endp
10797.  
10798.  
10799. ; =============== S U B R O U T I N E =======================================
10800.  
10801.  
10802. _mus_int_def proc near
10803. sub esp, 32h
10804. mov ebp, esp
10805. mov [ebp+1Ch], ax
10806. mov [ebp+18h], cx
10807. mov ds, cs:_sel_ds
10808. xor eax, eax
10809. mov _mus_._ip, edx
10810. mov _mus_._cs, es
10811. mov ax, es
10812. or eax, edx
10813. jz short loc_15153
10814. mov ax, _seg_ds
10815. mov dx, offset _mus_int_rm
10816.  
10817. loc_15153:
10818. mov [ebp+14h], dx
10819. mov [ebp+22h], ax
10820. cli
10821. call int33h
10822. movzx eax, word ptr [ebp+1Ch]
10823. add esp, 32h
10824. sti
10825. retn
10826. _mus_int_def endp
10827.  
10828.  
10829. ; =============== S U B R O U T I N E =======================================
10830.  
10831.  
10832. _mus_int_rm proc far
10833. cmp cs:_mus_data, 0
10834. mov cs:_mus_data, 1
10835. jnz short locret_1517E
10836. jmp dword ptr cs:_mus_backofs
10837. ; ---------------------------------------------------------------------------
10838.  
10839. locret_1517E:
10840. retf
10841. _mus_int_rm endp
10842.  
10843.  
10844. ; =============== S U B R O U T I N E =======================================
10845.  
10846.  
10847. _mus_int_pm proc far
10848. cld
10849. pushad
10850. push ds
10851. push es
10852. push fs
10853. push gs
10854. xor eax, eax
10855. mov ax, ds
10856. mov ds, cs:_sel_ds
10857. mov dword ptr aSystemSoftwareD+7, esp ; +3: _app_type
10858. ; +4: _app_load
10859. mov word ptr aSystemSoftwareD+0Bh, ss ; +3: _app_type
10860. ; +4: _app_load
10861. mov ds, ax
10862. mov ax, ss
10863. lar eax, eax
10864. shr eax, 17h
10865. jb short loc_151AD
10866. movzx esp, sp
10867.  
10868. loc_151AD:
10869. mov ax, cs:_seg_ds
10870. mov es:[edi+2Ch], ax
10871. mov word ptr es:[edi+2Ah], offset @@done
10872. movzx eax, word ptr es:[edi+1Ch]
10873. movzx ecx, word ptr es:[edi+18h]
10874. movzx edx, word ptr es:[edi+14h]
10875. movzx ebx, word ptr es:[edi+10h]
10876. movzx esi, word ptr es:[edi+4]
10877. movzx edi, word ptr es:[edi]
10878. pushfd
10879. call large [fword ptr cs:_mus_._ip]
10880. lss esp, fword ptr cs:aSystemSoftwareD+7 ; +3: _app_type
10881. ; +4: _app_load
10882. pop gs
10883. pop fs
10884. pop es
10885. pop ds
10886. popad
10887. iretd
10888. ; ---------------------------------------------------------------------------
10889.  
10890. @@done:
10891. mov cs:_mus_data, 0
10892. retf
10893. _mus_int_pm endp
10894.  
10895. ; ---------------------------------------------------------------------------
10896. ; START OF FUNCTION CHUNK FOR _int33
10897.  
10898. @__0016h:
10899. sub esp, 32h
10900. mov ebp, esp
10901. mov edi, edx
10902. mov [ebp+1Ch], ax
10903. mov ax, cs:_seg_buf
10904. mov [ebp+22h], ax
10905. mov word ptr [ebp+14h], 0
10906. call int33h
10907. mov ds, cs:_sel_ds
10908. mov esi, _lobufbase
10909. mov ecx, _mus_size
10910. rep movs byte ptr es:[edi], byte ptr [esi]
10911. add esp, 32h
10912. jmp @__ok
10913. ; ---------------------------------------------------------------------------
10914.  
10915. @__0017h:
10916. push es
10917. pop ds
10918. sub esp, 32h
10919. mov ebp, esp
10920. mov esi, edx
10921. mov [ebp+1Ch], ax
10922. mov ax, cs:_seg_buf
10923. mov [ebp+22h], ax
10924. mov word ptr [ebp+14h], 0
10925. mov es, cs:_sel_ds
10926. mov edi, cs:_lobufbase
10927. mov ecx, cs:_mus_size
10928. rep movs byte ptr es:[edi], byte ptr [esi]
10929. call int33h
10930. add esp, 32h
10931. jmp @__ok
10932. ; ---------------------------------------------------------------------------
10933.  
10934. @__0020h:
10935. sub esp, 32h
10936. mov ebp, esp
10937. mov [ebp+1Ch], ax
10938. call int33h
10939. add esp, 32h
10940. mov word ptr [esp+24h+var_8], 0FFFFh
10941. jmp @__ok
10942. ; END OF FUNCTION CHUNK FOR _int33
10943. ; Runtime extender ends here
10944. ; -----------------------------------------------
10945. ; Loader starts here
10946.  
10947. ; =============== S U B R O U T I N E =======================================
10948.  
10949.  
10950. load_le_app proc near
10951. mov byte ptr aSystemSoftwareD+3, 0 ; +3: _app_type
10952. ; +4: _app_load
10953. jmp short load_application
10954. load_le_app endp
10955.  
10956.  
10957. ; =============== S U B R O U T I N E =======================================
10958.  
10959.  
10960. load_lx_app proc near
10961. mov byte ptr aSystemSoftwareD+3, 1 ; +3: _app_type
10962. ; +4: _app_load
10963. jmp short load_application
10964. load_lx_app endp
10965.  
10966.  
10967. ; =============== S U B R O U T I N E =======================================
10968.  
10969.  
10970. load_lc_app proc near
10971. mov byte ptr aSystemSoftwareD+3, 2 ; +3: _app_type
10972. load_lc_app endp ; sp-analysis failed ; +4: _app_load
10973.  
10974.  
10975. ; =============== S U B R O U T I N E =======================================
10976.  
10977.  
10978. load_application proc near
10979. call load_header
10980. call verbose_showloadhdr
10981. mov ecx, 1
10982.  
10983. loc_152B5:
10984. call load_object
10985. call create_selector
10986. call verbose_showloadobj
10987. push edx
10988. push edi
10989. push esi
10990. push ebx
10991. inc cx
10992. cmp cx, word ptr aThisProgramRequ+14h ; +4: _exec_handle
10993. ; +8: _exec_start
10994. ; +C: _srcaddr
10995. ; +10: _codesize
10996. ; +14: _app_num_objects
10997. ; +18: _app_off_objects
10998. ; +1C: _app_off_pagetab
10999. ; +20: _app_off_fixpagetab
11000. ; +24: _app_off_fixrectab
11001. jbe short loc_152B5
11002. call preload_fixups
11003. mov ebp, esp
11004. mov ebx, dword ptr aThisProgramRequ+14h ; +4: _exec_handle
11005. ; +8: _exec_start
11006. ; +C: _srcaddr
11007. ; +10: _codesize
11008. ; +14: _app_num_objects
11009. ; +18: _app_off_objects
11010. ; +1C: _app_off_pagetab
11011. ; +20: _app_off_fixpagetab
11012. ; +24: _app_off_fixrectab
11013. dec bx
11014. shl bx, 4
11015. mov dword ptr aThisProgramRequ+0Ch, ebx ; +4: _exec_handle
11016. ; +8: _exec_start
11017. ; +C: _srcaddr
11018. ; +10: _codesize
11019. ; +14: _app_num_objects
11020. ; +18: _app_off_objects
11021. ; +1C: _app_off_pagetab
11022. ; +20: _app_off_fixpagetab
11023. ; +24: _app_off_fixrectab
11024.  
11025. loc_152E1:
11026. call relocate_object
11027. sub bx, 10h
11028. jnb short loc_152E1
11029. call unload_fixups
11030. call close_exec
11031. mov esp, _sel_esp
11032. call verbose_showstartup
11033. jmp enter_32bit_code
11034. load_application endp ; sp-analysis failed
11035.  
11036.  
11037. ; =============== S U B R O U T I N E =======================================
11038.  
11039.  
11040. load_header proc near
11041.  
11042. ; FUNCTION CHUNK AT 2A41 SIZE 00000052 BYTES
11043.  
11044. mov ecx, 0A8h ; '¨'
11045. mov edx, 4
11046. mov _err_code, 3002h
11047. cmp byte ptr aSystemSoftwareD+3, 2 ; +3: _app_type
11048. ; +4: _app_load
11049. jz load_lc_header
11050. call load_fs_block
11051. mov edx, dword ptr aThisProgramRequ+8 ; +4: _exec_handle
11052. ; +8: _exec_start
11053. ; +C: _srcaddr
11054. ; +10: _codesize
11055. ; +14: _app_num_objects
11056. ; +18: _app_off_objects
11057. ; +1C: _app_off_pagetab
11058. ; +20: _app_off_fixpagetab
11059. ; +24: _app_off_fixrectab
11060. mov ax, fs:10h
11061. and ax, 2000h
11062. mov ax, 3005h
11063. jnz file_error
11064. mov ax, fs:44h
11065. mov cx, ax
11066. cmp ax, 40h ; '@'
11067. mov ax, 4001h
11068. ja file_error
11069. mov dword ptr aThisProgramRequ+14h, ecx ; +4: _exec_handle
11070. ; +8: _exec_start
11071. ; +C: _srcaddr
11072. ; +10: _codesize
11073. ; +14: _app_num_objects
11074. ; +18: _app_off_objects
11075. ; +1C: _app_off_pagetab
11076. ; +20: _app_off_fixpagetab
11077. ; +24: _app_off_fixrectab
11078. mov eax, fs:40h
11079. add eax, edx
11080. mov dword ptr aThisProgramRequ+18h, eax ; +4: _exec_handle
11081. ; +8: _exec_start
11082. ; +C: _srcaddr
11083. ; +10: _codesize
11084. ; +14: _app_num_objects
11085. ; +18: _app_off_objects
11086. ; +1C: _app_off_pagetab
11087. ; +20: _app_off_fixpagetab
11088. ; +24: _app_off_fixrectab
11089. mov eax, fs:48h
11090. add eax, edx
11091. mov dword ptr aThisProgramRequ+1Ch, eax ; +4: _exec_handle
11092. ; +8: _exec_start
11093. ; +C: _srcaddr
11094. ; +10: _codesize
11095. ; +14: _app_num_objects
11096. ; +18: _app_off_objects
11097. ; +1C: _app_off_pagetab
11098. ; +20: _app_off_fixpagetab
11099. ; +24: _app_off_fixrectab
11100. mov eax, fs:68h
11101. add eax, edx
11102. mov dword ptr aThisProgramRequ+20h, eax ; +4: _exec_handle
11103. ; +8: _exec_start
11104. ; +C: _srcaddr
11105. ; +10: _codesize
11106. ; +14: _app_num_objects
11107. ; +18: _app_off_objects
11108. ; +1C: _app_off_pagetab
11109. ; +20: _app_off_fixpagetab
11110. ; +24: _app_off_fixrectab
11111. mov eax, fs:6Ch
11112. add eax, edx
11113. mov dword ptr aThisProgramRequ+24h, eax ; +4: _exec_handle
11114. ; +8: _exec_start
11115. ; +C: _srcaddr
11116. ; +10: _codesize
11117. ; +14: _app_num_objects
11118. ; +18: _app_off_objects
11119. ; +1C: _app_off_pagetab
11120. ; +20: _app_off_fixpagetab
11121. ; +24: _app_off_fixrectab
11122. mov eax, fs:80h
11123. add dword ptr a80386ProcessorO, eax ; +0: _app_off_datapages
11124. ; +4: _app_off_pageshift
11125. ; +8: _app_eip_object
11126. ; +C: _app_esp_object
11127. ; +10: _app_eip
11128. ; +14: _app_esp
11129. ; +18: _unreloc_eip
11130. ; +20: _app_siz_fixrectab
11131. ; +24: _app_buf_fixrscstab
11132. ; +28: _app_size_lastpage
11133. mov eax, fs:18h
11134. mov dword ptr a80386ProcessorO+8, eax ; +0: _app_off_datapages
11135. ; +4: _app_off_pageshift
11136. ; +8: _app_eip_object
11137. ; +C: _app_esp_object
11138. ; +10: _app_eip
11139. ; +14: _app_esp
11140. ; +18: _unreloc_eip
11141. ; +20: _app_siz_fixrectab
11142. ; +24: _app_buf_fixrscstab
11143. ; +28: _app_size_lastpage
11144. mov eax, fs:20h
11145. mov dword ptr a80386ProcessorO+0Ch, eax ; +0: _app_off_datapages
11146. ; +4: _app_off_pageshift
11147. ; +8: _app_eip_object
11148. ; +C: _app_esp_object
11149. ; +10: _app_eip
11150. ; +14: _app_esp
11151. ; +18: _unreloc_eip
11152. ; +20: _app_siz_fixrectab
11153. ; +24: _app_buf_fixrscstab
11154. ; +28: _app_size_lastpage
11155. mov eax, fs:1Ch
11156. mov dword ptr a80386ProcessorO+10h, eax ; +0: _app_off_datapages
11157. ; +4: _app_off_pageshift
11158. ; +8: _app_eip_object
11159. ; +C: _app_esp_object
11160. ; +10: _app_eip
11161. ; +14: _app_esp
11162. ; +18: _unreloc_eip
11163. ; +20: _app_siz_fixrectab
11164. ; +24: _app_buf_fixrscstab
11165. ; +28: _app_size_lastpage
11166. mov eax, fs:24h
11167. mov dword ptr a80386ProcessorO+14h, eax ; +0: _app_off_datapages
11168. ; +4: _app_off_pageshift
11169. ; +8: _app_eip_object
11170. ; +C: _app_esp_object
11171. ; +10: _app_eip
11172. ; +14: _app_esp
11173. ; +18: _unreloc_eip
11174. ; +20: _app_siz_fixrectab
11175. ; +24: _app_buf_fixrscstab
11176. ; +28: _app_size_lastpage
11177. mov eax, fs:30h
11178. mov dword ptr a80386ProcessorO+20h, eax ; +0: _app_off_datapages
11179. ; +4: _app_off_pageshift
11180. ; +8: _app_eip_object
11181. ; +C: _app_esp_object
11182. ; +10: _app_eip
11183. ; +14: _app_esp
11184. ; +18: _unreloc_eip
11185. ; +20: _app_siz_fixrectab
11186. ; +24: _app_buf_fixrscstab
11187. ; +28: _app_size_lastpage
11188. mov eax, fs:2Ch
11189. mov dword ptr a80386ProcessorO+28h, eax ; +0: _app_off_datapages
11190. ; +4: _app_off_pageshift
11191. ; +8: _app_eip_object
11192. ; +C: _app_esp_object
11193. ; +10: _app_eip
11194. ; +14: _app_esp
11195. ; +18: _unreloc_eip
11196. ; +20: _app_siz_fixrectab
11197. ; +24: _app_buf_fixrscstab
11198. ; +28: _app_size_lastpage
11199. mov eax, 0FFFh
11200. cmp byte ptr aSystemSoftwareD+3, 0 ; +3: _app_type
11201. ; +4: _app_load
11202. jz short loc_153C8
11203. mov ax, 1
11204. mov cx, fs:2Ch
11205. shl ax, cl
11206. dec ax
11207.  
11208. loc_153C8: ; +0: _app_off_datapages
11209. mov dword ptr a80386ProcessorO+4, eax ; +4: _app_off_pageshift
11210. ; +8: _app_eip_object
11211. ; +C: _app_esp_object
11212. ; +10: _app_eip
11213. ; +14: _app_esp
11214. ; +18: _unreloc_eip
11215. ; +20: _app_siz_fixrectab
11216. ; +24: _app_buf_fixrscstab
11217. ; +28: _app_size_lastpage
11218. retn
11219. load_header endp
11220.  
11221.  
11222. ; =============== S U B R O U T I N E =======================================
11223.  
11224.  
11225. load_object proc near
11226.  
11227. var_4 = word ptr -4
11228.  
11229. ; FUNCTION CHUNK AT 2A93 SIZE 00000088 BYTES
11230.  
11231. push ecx
11232. cmp byte ptr aSystemSoftwareD+3, 2 ; +3: _app_type
11233. ; +4: _app_load
11234. jz load_lc_object
11235. mov _err_code, 3002h
11236. mov edx, dword ptr aThisProgramRequ+18h ; +4: _exec_handle
11237. ; +8: _exec_start
11238. ; +C: _srcaddr
11239. ; +10: _codesize
11240. ; +14: _app_num_objects
11241. ; +18: _app_off_objects
11242. ; +1C: _app_off_pagetab
11243. ; +20: _app_off_fixpagetab
11244. ; +24: _app_off_fixrectab
11245. call seek_from_start
11246. mov ecx, 18h
11247. xor edx, edx
11248. call load_fs_block
11249. add dword ptr aThisProgramRequ+18h, eax ; +4: _exec_handle
11250. ; +8: _exec_start
11251. ; +C: _srcaddr
11252. ; +10: _codesize
11253. ; +14: _app_num_objects
11254. ; +18: _app_off_objects
11255. ; +1C: _app_off_pagetab
11256. ; +20: _app_off_fixpagetab
11257. ; +24: _app_off_fixrectab
11258. mov edx, dword ptr a80386ProcessorO ; +0: _app_off_datapages
11259. ; +4: _app_off_pageshift
11260. ; +8: _app_eip_object
11261. ; +C: _app_esp_object
11262. ; +10: _app_eip
11263. ; +14: _app_esp
11264. ; +18: _unreloc_eip
11265. ; +20: _app_siz_fixrectab
11266. ; +24: _app_buf_fixrscstab
11267. ; +28: _app_size_lastpage
11268. call seek_from_start
11269. mov eax, fs:0
11270. mov ebx, fs:10h
11271. mov ecx, fs:8
11272. mov esi, fs:0Ch
11273. push ecx
11274. call alloc_block
11275. mov ecx, eax
11276. mov ebp, eax
11277. mov edx, edi
11278. call fill_zero_pages
11279. mov eax, ebx
11280. test eax, eax
11281. jz short loc_1548E
11282. shl eax, 0Ch
11283. cmp eax, ecx
11284. jnb short loc_1543B
11285. mov ecx, eax
11286.  
11287. loc_1543B:
11288. mov ax, [esp+8+var_4]
11289. cmp ax, word ptr aThisProgramRequ+14h ; +4: _exec_handle
11290. ; +8: _exec_start
11291. ; +C: _srcaddr
11292. ; +10: _codesize
11293. ; +14: _app_num_objects
11294. ; +18: _app_off_objects
11295. ; +1C: _app_off_pagetab
11296. ; +20: _app_off_fixpagetab
11297. ; +24: _app_off_fixrectab
11298. jnz short loc_15464
11299. cmp byte ptr aSystemSoftwareD+3, 0 ; +3: _app_type
11300. ; +4: _app_load
11301. jnz short loc_1545D
11302. lea ecx, [ebx-1]
11303. shl ecx, 0Ch
11304. add ecx, dword ptr a80386ProcessorO+28h ; +0: _app_off_datapages
11305. ; +4: _app_off_pageshift
11306. ; +8: _app_eip_object
11307. ; +C: _app_esp_object
11308. ; +10: _app_eip
11309. ; +14: _app_esp
11310. ; +18: _unreloc_eip
11311. ; +20: _app_siz_fixrectab
11312. ; +24: _app_buf_fixrscstab
11313. ; +28: _app_size_lastpage
11314. jmp short loc_15464
11315. ; ---------------------------------------------------------------------------
11316.  
11317. loc_1545D:
11318. mov ecx, ebx
11319. shl ecx, 0Ch
11320.  
11321. loc_15464:
11322. mov _err_code, 3002h
11323. call load_gs_block
11324. mov eax, ecx
11325. mov edx, dword ptr a80386ProcessorO+4 ; +0: _app_off_datapages
11326. ; +4: _app_off_pageshift
11327. ; +8: _app_eip_object
11328. ; +C: _app_esp_object
11329. ; +10: _app_eip
11330. ; +14: _app_esp
11331. ; +18: _unreloc_eip
11332. ; +20: _app_siz_fixrectab
11333. ; +24: _app_buf_fixrscstab
11334. ; +28: _app_size_lastpage
11335. test eax, edx
11336. jz short loc_15489
11337. mov ecx, edx
11338. not edx
11339. and eax, edx
11340. lea eax, [eax+ecx+1]
11341.  
11342. loc_15489: ; +0: _app_off_datapages
11343. add dword ptr a80386ProcessorO, eax ; +4: _app_off_pageshift
11344. ; +8: _app_eip_object
11345. ; +C: _app_esp_object
11346. ; +10: _app_eip
11347. ; +14: _app_esp
11348. ; +18: _unreloc_eip
11349. ; +20: _app_siz_fixrectab
11350. ; +24: _app_buf_fixrscstab
11351. ; +28: _app_size_lastpage
11352.  
11353. loc_1548E:
11354. pop edx
11355. pop ecx
11356. retn
11357. load_object endp
11358.  
11359.  
11360. ; =============== S U B R O U T I N E =======================================
11361.  
11362.  
11363. relocate_object proc near
11364.  
11365. var_4 = dword ptr -4
11366.  
11367. xor eax, eax
11368. cmp eax, [ebp+ebx+0]
11369. jnz short loc_1549F
11370. retn
11371. ; ---------------------------------------------------------------------------
11372.  
11373. loc_1549F: ; +3: _app_type
11374. cmp byte ptr aSystemSoftwareD+3, 0 ; +4: _app_load
11375. jnz short relocate_lx_object
11376. mov ecx, [ebp+ebx+4]
11377. mov edx, dword ptr aThisProgramRequ+1Ch ; +4: _exec_handle
11378. ; +8: _exec_start
11379. ; +C: _srcaddr
11380. ; +10: _codesize
11381. ; +14: _app_num_objects
11382. ; +18: _app_off_objects
11383. ; +1C: _app_off_pagetab
11384. ; +20: _app_off_fixpagetab
11385. ; +24: _app_off_fixrectab
11386. lea edx, [edx+ecx*4-4]
11387. mov _err_code, 3002h
11388. call seek_from_start
11389.  
11390. loc_154C0:
11391. push eax
11392. mov ecx, 4
11393. xor edx, edx
11394. mov _err_code, 3002h
11395. call load_fs_block
11396. xor ecx, ecx
11397. mov ch, fs:1
11398. mov cl, fs:2
11399. jcxz short loc_15517
11400. mov eax, dword ptr aThisProgramRequ+20h ; +4: _exec_handle
11401. ; +8: _exec_start
11402. ; +C: _srcaddr
11403. ; +10: _codesize
11404. ; +14: _app_num_objects
11405. ; +18: _app_off_objects
11406. ; +1C: _app_off_pagetab
11407. ; +20: _app_off_fixpagetab
11408. ; +24: _app_off_fixrectab
11409. lea eax, [eax+ecx*4-4]
11410. mov esi, gs:[eax]
11411. mov ecx, gs:[eax+4]
11412. sub ecx, esi
11413. jz short loc_15517
11414. add esi, dword ptr aThisProgramRequ+24h ; +4: _exec_handle
11415. ; +8: _exec_start
11416. ; +C: _srcaddr
11417. ; +10: _codesize
11418. ; +14: _app_num_objects
11419. ; +18: _app_off_objects
11420. ; +1C: _app_off_pagetab
11421. ; +20: _app_off_fixpagetab
11422. ; +24: _app_off_fixrectab
11423. mov edi, [esp]
11424. shl edi, 0Ch
11425. add edi, [ebp+ebx+8]
11426. add ecx, esi
11427. call apply_fixups
11428.  
11429. loc_15517:
11430. pop eax
11431. inc ax
11432. cmp ax, [ebp+ebx+0]
11433. jb short loc_154C0
11434. retn
11435. ; ---------------------------------------------------------------------------
11436.  
11437. relocate_lx_object:
11438. mov ecx, [ebp+ebx+4]
11439. mov edx, dword ptr aThisProgramRequ+20h ; +4: _exec_handle
11440. ; +8: _exec_start
11441. ; +C: _srcaddr
11442. ; +10: _codesize
11443. ; +14: _app_num_objects
11444. ; +18: _app_off_objects
11445. ; +1C: _app_off_pagetab
11446. ; +20: _app_off_fixpagetab
11447. ; +24: _app_off_fixrectab
11448. lea edx, [edx+ecx*4-4]
11449.  
11450. loc_15533:
11451. push eax
11452. push edx
11453. mov esi, gs:[edx]
11454. mov ecx, gs:[edx+4]
11455. sub ecx, esi
11456. jz short loc_15562
11457. add esi, dword ptr aThisProgramRequ+24h ; +4: _exec_handle
11458. ; +8: _exec_start
11459. ; +C: _srcaddr
11460. ; +10: _codesize
11461. ; +14: _app_num_objects
11462. ; +18: _app_off_objects
11463. ; +1C: _app_off_pagetab
11464. ; +20: _app_off_fixpagetab
11465. ; +24: _app_off_fixrectab
11466. mov edi, [esp+8+var_4]
11467. shl edi, 0Ch
11468. add edi, [ebp+ebx+8]
11469. add ecx, esi
11470. call apply_fixups
11471.  
11472. loc_15562:
11473. pop edx
11474. pop eax
11475. add edx, 4
11476. inc ax
11477. cmp ax, [ebp+ebx+0]
11478. jb short loc_15533
11479. retn
11480. relocate_object endp
11481.  
11482.  
11483. ; =============== S U B R O U T I N E =======================================
11484.  
11485.  
11486. apply_fixups proc near
11487. push ecx
11488. push edi
11489. mov _err_code, 4005h
11490. mov cx, gs:[esi]
11491. movsx edx, word ptr gs:[esi+2]
11492. movzx eax, word ptr gs:[esi+4]
11493. add edi, edx
11494. test cx, 0F20h
11495. jnz file_errorm
11496. test cx, 4000h
11497. jnz short loc_155A4
11498. mov ah, 0
11499. dec esi
11500.  
11501. loc_155A4:
11502. add esi, 6
11503. dec eax
11504. shl eax, 4
11505. mov edx, dword ptr aThisProgramRequ+0Ch ; +4: _exec_handle
11506. ; +8: _exec_start
11507. ; +C: _srcaddr
11508. ; +10: _codesize
11509. ; +14: _app_num_objects
11510. ; +18: _app_off_objects
11511. ; +1C: _app_off_pagetab
11512. ; +20: _app_off_fixpagetab
11513. ; +24: _app_off_fixrectab
11514. sub edx, eax
11515. jb file_errorm
11516. mov dword ptr aThisProgramRequ+10h, edx ; +4: _exec_handle
11517. ; +8: _exec_start
11518. ; +C: _srcaddr
11519. ; +10: _codesize
11520. ; +14: _app_num_objects
11521. ; +18: _app_off_objects
11522. ; +1C: _app_off_pagetab
11523. ; +20: _app_off_fixpagetab
11524. ; +24: _app_off_fixrectab
11525. mov edx, [ebp+edx+8]
11526. mov al, cl
11527. and al, 0Fh
11528. cmp al, 2
11529. jz short loc_155EA
11530. cmp al, 8
11531. ja file_errorm
11532. mov eax, gs:[esi]
11533. test cx, 1000h
11534. jnz short loc_155E6
11535. movzx eax, ax
11536. sub esi, 2
11537.  
11538. loc_155E6:
11539. add esi, 4
11540.  
11541. loc_155EA:
11542. cmp cl, 7
11543. jnz short loc_15603
11544. add eax, edx
11545. mov gs:[edi], eax
11546.  
11547. loc_155F7:
11548. pop edi
11549. pop ecx
11550. cmp esi, ecx
11551. jb apply_fixups
11552. retn
11553. ; ---------------------------------------------------------------------------
11554.  
11555. loc_15603:
11556. push si
11557. mov si, cx
11558. and si, 0Fh
11559. add si, si
11560. mov _err_code, 4006h
11561. call fix_tab[si]
11562. pop si
11563. jmp short loc_155F7
11564. apply_fixups endp
11565.  
11566. ; ---------------------------------------------------------------------------
11567.  
11568. fix_byte:
11569. mov gs:[edi], al
11570. retn
11571. ; ---------------------------------------------------------------------------
11572.  
11573. fix_16off:
11574. mov gs:[edi], ax
11575. retn
11576. ; ---------------------------------------------------------------------------
11577.  
11578. fix_32off:
11579. add eax, edx
11580. mov gs:[edi], eax
11581. retn
11582. ; ---------------------------------------------------------------------------
11583.  
11584. fix_32selfref:
11585. add eax, edx
11586. lea ecx, [edi+4]
11587. sub eax, ecx
11588. test word ptr [ebp+ebx+0Ch], 2000h
11589. jnz short loc_15654
11590. lea ecx, [eax+8002h]
11591. shr ecx, 10h
11592. jnz file_errorm
11593. mov gs:[edi], ax
11594. retn
11595. ; ---------------------------------------------------------------------------
11596.  
11597. loc_15654:
11598. mov gs:[edi], eax
11599. retn
11600. ; ---------------------------------------------------------------------------
11601.  
11602. fix_16sel:
11603. call check_range
11604. mov gs:[edi], dx
11605. retn
11606. ; ---------------------------------------------------------------------------
11607.  
11608. fix_1616ptr:
11609. call check_range
11610. mov gs:[edi], ax
11611. mov gs:[edi+2], dx
11612. retn
11613. ; ---------------------------------------------------------------------------
11614.  
11615. fix_1632ptr:
11616. add eax, edx
11617. mov gs:[edi], eax
11618. call check_range
11619. mov gs:[edi+4], dx
11620. retn
11621. ; ---------------------------------------------------------------------------
11622.  
11623. fix_invalid:
11624. mov ax, 4005h
11625. jmp file_error
11626.  
11627. ; =============== S U B R O U T I N E =======================================
11628.  
11629.  
11630. check_range proc near
11631. test word ptr [ebp+ebx+0Ch], 1000h
11632. jnz short loc_1569F
11633. test cl, 10h
11634. jnz short loc_1569F
11635.  
11636. loc_15694: ; +4: _exec_handle
11637. mov ecx, dword ptr aThisProgramRequ+10h ; +8: _exec_start
11638. ; +C: _srcaddr
11639. ; +10: _codesize
11640. ; +14: _app_num_objects
11641. ; +18: _app_off_objects
11642. ; +1C: _app_off_pagetab
11643. ; +20: _app_off_fixpagetab
11644. ; +24: _app_off_fixrectab
11645. mov dx, [ebp+ecx+0Eh]
11646. retn
11647. ; ---------------------------------------------------------------------------
11648.  
11649. loc_1569F:
11650. test cl, 10h
11651. jz short loc_15694
11652. mov ecx, dword ptr aThisProgramRequ+10h ; +4: _exec_handle
11653. ; +8: _exec_start
11654. ; +C: _srcaddr
11655. ; +10: _codesize
11656. ; +14: _app_num_objects
11657. ; +18: _app_off_objects
11658. ; +1C: _app_off_pagetab
11659. ; +20: _app_off_fixpagetab
11660. ; +24: _app_off_fixrectab
11661. mov dx, [ebp+ecx+0Eh]
11662. test eax, 0FFFF0000h
11663. jnz file_errorm
11664. retn
11665. check_range endp
11666.  
11667. ; ---------------------------------------------------------------------------
11668. align 2
11669. fix_tab dw offset fix_byte
11670. dw offset fix_invalid
11671. dw offset fix_16sel
11672. dw offset fix_1616ptr
11673. dw offset fix_invalid
11674. dw offset fix_16off
11675. dw offset fix_1632ptr
11676. dw offset fix_32off
11677. dw offset fix_32selfref
11678.  
11679. ; =============== S U B R O U T I N E =======================================
11680.  
11681.  
11682. fill_zero_pages proc near
11683. push es
11684. push dx
11685. push eax
11686. push ecx
11687. push edi
11688. push gs
11689. pop es
11690. mov dl, cl
11691. shr ecx, 2
11692. xor eax, eax
11693. rep stos dword ptr es:[edi]
11694. mov cl, dl
11695. and cl, 3
11696. rep stos byte ptr es:[edi]
11697. pop edi
11698. pop ecx
11699. pop eax
11700. pop dx
11701. pop es
11702. retn
11703. fill_zero_pages endp
11704.  
11705.  
11706. ; =============== S U B R O U T I N E =======================================
11707.  
11708.  
11709. alloc_block proc near
11710.  
11711. arg_4 = word ptr 6
11712.  
11713. ; FUNCTION CHUNK AT 024E SIZE 00000004 BYTES
11714. ; FUNCTION CHUNK AT 046B SIZE 00000006 BYTES
11715.  
11716. push dx
11717. test eax, eax
11718. jz short loc_15712
11719. mov dl, _misc_byte_1
11720. shr dx, 4
11721. and dx, 3
11722. jz short loc_15726
11723. dec dx
11724. jz short loc_15739
11725. dec dx
11726. jz short loc_15758
11727. dec dx
11728. jz short loc_15766
11729.  
11730. loc_15710:
11731. pop dx
11732. retn
11733. ; ---------------------------------------------------------------------------
11734.  
11735. loc_15712:
11736. push ax
11737. push si
11738. mov si, [esp+6+arg_4]
11739. mov ax, 9005h
11740. call report_error
11741. pop si
11742. pop ax
11743. pop dx
11744. xor edi, edi
11745. retn
11746. ; ---------------------------------------------------------------------------
11747.  
11748. loc_15726:
11749. call alloc_dos_mem
11750. jnb short loc_15710
11751. mov _err_code, 4003h
11752. call alloc_dpmi_mem
11753. jnb short loc_15710
11754. jmp file_errorm
11755. ; ---------------------------------------------------------------------------
11756.  
11757. loc_15739:
11758. test cx, 2000h
11759. jnz short loc_1574A
11760. mov _err_code, 4002h
11761. call alloc_dos_mem
11762. jnb short loc_15710
11763.  
11764. loc_1574A:
11765. mov _err_code, 4003h
11766. call alloc_dpmi_mem
11767. jnb short loc_15710
11768. jmp file_errorm
11769. ; ---------------------------------------------------------------------------
11770.  
11771. loc_15758:
11772. mov _err_code, 4002h
11773. call alloc_dos_mem
11774. jnb short loc_15710
11775. jmp file_errorm
11776. ; ---------------------------------------------------------------------------
11777.  
11778. loc_15766:
11779. mov _err_code, 4003h
11780. call alloc_dpmi_mem
11781. jnb short loc_15710
11782. jmp file_errorm
11783. alloc_block endp ; sp-analysis failed
11784.  
11785.  
11786. ; =============== S U B R O U T I N E =======================================
11787.  
11788.  
11789. alloc_dos_mem proc near
11790. push eax
11791. push ebp
11792. add eax, 0Fh
11793. shr eax, 4
11794. test eax, 0FFFF0000h
11795. stc
11796. jnz short loc_157B2
11797. sub esp, 32h
11798. mov ebp, esp
11799. mov byte ptr [ebp+1Dh], 48h ; 'H'
11800. mov [ebp+10h], ax
11801. call int21h
11802. movzx edi, word ptr [ebp+1Ch]
11803. shl edi, 4
11804. bt word ptr [ebp+20h], 0
11805. lea esp, [esp+32h]
11806.  
11807. loc_157B2:
11808. pop ebp
11809. pop eax
11810. retn
11811. alloc_dos_mem endp
11812.  
11813.  
11814. ; =============== S U B R O U T I N E =======================================
11815.  
11816.  
11817. alloc_dpmi_mem proc near
11818. push esi
11819. push ebx
11820. push ecx
11821. push edx
11822. push eax
11823. mov ebx, eax
11824. mov ax, 0FF91h
11825. int 21h ; DOS - DOS v??? - OEM FUNCTION
11826. jb short loc_1582A
11827. mov eax, ebx
11828. xor edx, edx
11829. test _misc_byte_2, 4
11830. jnz short loc_157DE
11831. test al, 0Fh
11832. jz short loc_15810
11833. jmp short loc_157E3
11834. ; ---------------------------------------------------------------------------
11835.  
11836. loc_157DE:
11837. test ax, 0FFFh
11838. jz short loc_15810
11839.  
11840. loc_157E3:
11841. test _misc_byte_2, 4
11842. jnz short loc_157F3
11843. add ebx, 0Fh
11844. and bl, 0F0h
11845. jmp short loc_157FE
11846. ; ---------------------------------------------------------------------------
11847.  
11848. loc_157F3:
11849. add ebx, 0FFFh
11850. and bx, 0F000h
11851.  
11852. loc_157FE:
11853. sub ebx, eax
11854. mov edx, ebx
11855. add ebx, [esp]
11856. mov ax, 0FF93h
11857. int 21h ; DOS - DOS v??? - OEM FUNCTION
11858. jb short loc_1582A
11859.  
11860. loc_15810:
11861. lea edi, [ebx+edx]
11862. test _misc_byte_2, 4
11863. jnz short loc_15822
11864. test di, 0Fh
11865. jmp short loc_15826
11866. ; ---------------------------------------------------------------------------
11867.  
11868. loc_15822:
11869. test di, 0FFFh
11870.  
11871. loc_15826:
11872. stc
11873. jnz short loc_1582A
11874. clc
11875.  
11876. loc_1582A:
11877. pop eax
11878. pop edx
11879. pop ecx
11880. pop ebx
11881. pop esi
11882. retn
11883. alloc_dpmi_mem endp
11884.  
11885.  
11886. ; =============== S U B R O U T I N E =======================================
11887.  
11888.  
11889. create_selector proc near
11890.  
11891. var_A = word ptr -0Ah
11892.  
11893. push ebx
11894. push ecx
11895. push edx
11896. push esi
11897. push edi
11898. mov ax, dx
11899. mov ecx, ebp
11900. mov dx, _acc_rights
11901. test al, 4
11902. jz short loc_1584F
11903. or dl, 8
11904.  
11905. loc_1584F:
11906. test ax, 2000h
11907. jz short loc_1586B
11908. xor edi, edi
11909. or ecx, 0FFFFFFFFh
11910. test al, 4
11911. mov ax, _sel32_cs
11912. jnz short loc_15865
11913. mov ax, _sel32_ss
11914.  
11915. loc_15865:
11916. test ax, ax
11917. jnz short loc_15876
11918. jmp short loc_1586F
11919. ; ---------------------------------------------------------------------------
11920.  
11921. loc_1586B:
11922. and dx, 0BFFFh
11923.  
11924. loc_1586F:
11925. call set_descriptor
11926. jb dpmi_error
11927.  
11928. loc_15876:
11929. pop edi
11930. pop esi
11931. mov [esp+0Ch+var_A], ax
11932. pop edx
11933. pop ecx
11934. pop ebx
11935. mov word ptr get_environ_config[ecx*2], ax ; also _app_buf_allocsel
11936. mov dword ptr _app_buf_allocbase[ecx*4], edi
11937. cmp cx, word ptr a80386ProcessorO+8 ; +0: _app_off_datapages
11938. ; +4: _app_off_pageshift
11939. ; +8: _app_eip_object
11940. ; +C: _app_esp_object
11941. ; +10: _app_eip
11942. ; +14: _app_esp
11943. ; +18: _unreloc_eip
11944. ; +20: _app_siz_fixrectab
11945. ; +24: _app_buf_fixrscstab
11946. ; +28: _app_size_lastpage
11947. jnz short loc_158AF
11948. mov _sel32_cs, ax
11949. mov dword ptr a80386ProcessorO+18h, edi ; +0: _app_off_datapages
11950. ; +4: _app_off_pageshift
11951. ; +8: _app_eip_object
11952. ; +C: _app_esp_object
11953. ; +10: _app_eip
11954. ; +14: _app_esp
11955. ; +18: _unreloc_eip
11956. ; +20: _app_siz_fixrectab
11957. ; +24: _app_buf_fixrscstab
11958. ; +28: _app_size_lastpage
11959. test dx, 2000h
11960. jz short loc_158AF
11961. add dword ptr a80386ProcessorO+10h, edi ; +0: _app_off_datapages
11962. ; +4: _app_off_pageshift
11963. ; +8: _app_eip_object
11964. ; +C: _app_esp_object
11965. ; +10: _app_eip
11966. ; +14: _app_esp
11967. ; +18: _unreloc_eip
11968. ; +20: _app_siz_fixrectab
11969. ; +24: _app_buf_fixrscstab
11970. ; +28: _app_size_lastpage
11971.  
11972. loc_158AF: ; +0: _app_off_datapages
11973. cmp cx, word ptr a80386ProcessorO+0Ch ; +4: _app_off_pageshift
11974. ; +8: _app_eip_object
11975. ; +C: _app_esp_object
11976. ; +10: _app_eip
11977. ; +14: _app_esp
11978. ; +18: _unreloc_eip
11979. ; +20: _app_siz_fixrectab
11980. ; +24: _app_buf_fixrscstab
11981. ; +28: _app_size_lastpage
11982. jnz short locret_158C2
11983. mov _sel32_ss, ax
11984. mov dword ptr a80386ProcessorO+1Ch, edi ; +0: _app_off_datapages
11985. ; +4: _app_off_pageshift
11986. ; +8: _app_eip_object
11987. ; +C: _app_esp_object
11988. ; +10: _app_eip
11989. ; +14: _app_esp
11990. ; +18: _unreloc_eip
11991. ; +20: _app_siz_fixrectab
11992. ; +24: _app_buf_fixrscstab
11993. ; +28: _app_size_lastpage
11994. add dword ptr a80386ProcessorO+14h, edi ; +0: _app_off_datapages
11995. ; +4: _app_off_pageshift
11996. ; +8: _app_eip_object
11997. ; +C: _app_esp_object
11998. ; +10: _app_eip
11999. ; +14: _app_esp
12000. ; +18: _unreloc_eip
12001. ; +20: _app_siz_fixrectab
12002. ; +24: _app_buf_fixrscstab
12003. ; +28: _app_size_lastpage
12004.  
12005. locret_158C2:
12006. retn
12007. create_selector endp
12008.  
12009.  
12010. ; =============== S U B R O U T I N E =======================================
12011.  
12012.  
12013. preload_fixups proc near
12014.  
12015. ; FUNCTION CHUNK AT 2B1B SIZE 00000080 BYTES
12016.  
12017. cmp byte ptr aSystemSoftwareD+3, 2 ; +3: _app_type
12018. ; +4: _app_load
12019. jz preload_lc_fixups
12020. mov ebx, dword ptr a80386ProcessorO+20h ; +0: _app_off_datapages
12021. ; +4: _app_off_pageshift
12022. ; +8: _app_eip_object
12023. ; +C: _app_esp_object
12024. ; +10: _app_eip
12025. ; +14: _app_esp
12026. ; +18: _unreloc_eip
12027. ; +20: _app_siz_fixrectab
12028. ; +24: _app_buf_fixrscstab
12029. ; +28: _app_size_lastpage
12030. mov byte ptr aSystemSoftwareD+4, 0 ; +3: _app_type
12031. ; +4: _app_load
12032. mov ax, 0FF95h
12033. int 21h ; DOS - DOS v??? - OEM FUNCTION
12034. jnb short loc_158ED
12035. mov byte ptr aSystemSoftwareD+4, 1 ; +3: _app_type
12036. ; +4: _app_load
12037. mov al, 91h ; '‘'
12038. int 21h ; DOS - DOS v??? - OEM FUNCTION
12039. mov ax, 4004h
12040. jb file_error
12041.  
12042. loc_158ED: ; +0: _app_off_datapages
12043. mov dword ptr a80386ProcessorO+24h, esi ; +4: _app_off_pageshift
12044. ; +8: _app_eip_object
12045. ; +C: _app_esp_object
12046. ; +10: _app_eip
12047. ; +14: _app_esp
12048. ; +18: _unreloc_eip
12049. ; +20: _app_siz_fixrectab
12050. ; +24: _app_buf_fixrscstab
12051. ; +28: _app_size_lastpage
12052. mov _err_code, 3002h
12053. mov edx, dword ptr aThisProgramRequ+20h ; +4: _exec_handle
12054. ; +8: _exec_start
12055. ; +C: _srcaddr
12056. ; +10: _codesize
12057. ; +14: _app_num_objects
12058. ; +18: _app_off_objects
12059. ; +1C: _app_off_pagetab
12060. ; +20: _app_off_fixpagetab
12061. ; +24: _app_off_fixrectab
12062. call seek_from_start
12063. mov edx, ebx
12064. mov ecx, dword ptr a80386ProcessorO+20h ; +0: _app_off_datapages
12065. ; +4: _app_off_pageshift
12066. ; +8: _app_eip_object
12067. ; +C: _app_esp_object
12068. ; +10: _app_eip
12069. ; +14: _app_esp
12070. ; +18: _unreloc_eip
12071. ; +20: _app_siz_fixrectab
12072. ; +24: _app_buf_fixrscstab
12073. ; +28: _app_size_lastpage
12074. call load_gs_block
12075. mov eax, dword ptr aThisProgramRequ+24h ; +4: _exec_handle
12076. ; +8: _exec_start
12077. ; +C: _srcaddr
12078. ; +10: _codesize
12079. ; +14: _app_num_objects
12080. ; +18: _app_off_objects
12081. ; +1C: _app_off_pagetab
12082. ; +20: _app_off_fixpagetab
12083. ; +24: _app_off_fixrectab
12084. mov ebx, dword ptr aThisProgramRequ+20h ; +4: _exec_handle
12085. ; +8: _exec_start
12086. ; +C: _srcaddr
12087. ; +10: _codesize
12088. ; +14: _app_num_objects
12089. ; +18: _app_off_objects
12090. ; +1C: _app_off_pagetab
12091. ; +20: _app_off_fixpagetab
12092. ; +24: _app_off_fixrectab
12093. sub eax, ebx
12094. add eax, edx
12095. mov dword ptr aThisProgramRequ+20h, edx ; +4: _exec_handle
12096. ; +8: _exec_start
12097. ; +C: _srcaddr
12098. ; +10: _codesize
12099. ; +14: _app_num_objects
12100. ; +18: _app_off_objects
12101. ; +1C: _app_off_pagetab
12102. ; +20: _app_off_fixpagetab
12103. ; +24: _app_off_fixrectab
12104. mov dword ptr aThisProgramRequ+24h, eax ; +4: _exec_handle
12105. ; +8: _exec_start
12106. ; +C: _srcaddr
12107. ; +10: _codesize
12108. ; +14: _app_num_objects
12109. ; +18: _app_off_objects
12110. ; +1C: _app_off_pagetab
12111. ; +20: _app_off_fixpagetab
12112. ; +24: _app_off_fixrectab
12113. retn
12114. preload_fixups endp
12115.  
12116.  
12117. ; =============== S U B R O U T I N E =======================================
12118.  
12119.  
12120. unload_fixups proc near
12121.  
12122. ; FUNCTION CHUNK AT 0465 SIZE 00000006 BYTES
12123. ; FUNCTION CHUNK AT 2B9B SIZE 0000000B BYTES
12124.  
12125. cmp byte ptr aSystemSoftwareD+3, 2 ; +3: _app_type
12126. ; +4: _app_load
12127. jz unload_lc_fixups
12128. mov esi, dword ptr a80386ProcessorO+24h ; +0: _app_off_datapages
12129. ; +4: _app_off_pageshift
12130. ; +8: _app_eip_object
12131. ; +C: _app_esp_object
12132. ; +10: _app_eip
12133. ; +14: _app_esp
12134. ; +18: _unreloc_eip
12135. ; +20: _app_siz_fixrectab
12136. ; +24: _app_buf_fixrscstab
12137. ; +28: _app_size_lastpage
12138. mov ax, 0FF96h
12139. cmp byte ptr aSystemSoftwareD+4, 0 ; +3: _app_type
12140. ; +4: _app_load
12141. jz short loc_1593E
12142. mov al, 92h ; '’'
12143.  
12144. loc_1593E: ; DOS - DOS v??? - OEM FUNCTION
12145. int 21h
12146. retn
12147. unload_fixups endp
12148.  
12149. ; ---------------------------------------------------------------------------
12150. ; START OF FUNCTION CHUNK FOR load_header
12151.  
12152. load_lc_header:
12153. mov cl, 0Ch
12154. call load_fs_block
12155. xor eax, eax
12156. mov al, fs:4
12157. mov dword ptr aThisProgramRequ+14h, eax ; +4: _exec_handle
12158. ; +8: _exec_start
12159. ; +C: _srcaddr
12160. ; +10: _codesize
12161. ; +14: _app_num_objects
12162. ; +18: _app_off_objects
12163. ; +1C: _app_off_pagetab
12164. ; +20: _app_off_fixpagetab
12165. ; +24: _app_off_fixrectab
12166. mov al, fs:6
12167. mov dword ptr a80386ProcessorO+8, eax ; +0: _app_off_datapages
12168. ; +4: _app_off_pageshift
12169. ; +8: _app_eip_object
12170. ; +C: _app_esp_object
12171. ; +10: _app_eip
12172. ; +14: _app_esp
12173. ; +18: _unreloc_eip
12174. ; +20: _app_siz_fixrectab
12175. ; +24: _app_buf_fixrscstab
12176. ; +28: _app_size_lastpage
12177. mov al, fs:7
12178. mov dword ptr a80386ProcessorO+0Ch, eax ; +0: _app_off_datapages
12179. ; +4: _app_off_pageshift
12180. ; +8: _app_eip_object
12181. ; +C: _app_esp_object
12182. ; +10: _app_eip
12183. ; +14: _app_esp
12184. ; +18: _unreloc_eip
12185. ; +20: _app_siz_fixrectab
12186. ; +24: _app_buf_fixrscstab
12187. ; +28: _app_size_lastpage
12188. mov eax, fs:8
12189. mov dword ptr a80386ProcessorO+10h, eax ; +0: _app_off_datapages
12190. ; +4: _app_off_pageshift
12191. ; +8: _app_eip_object
12192. ; +C: _app_esp_object
12193. ; +10: _app_eip
12194. ; +14: _app_esp
12195. ; +18: _unreloc_eip
12196. ; +20: _app_siz_fixrectab
12197. ; +24: _app_buf_fixrscstab
12198. ; +28: _app_size_lastpage
12199. mov eax, fs:0Ch
12200. mov dword ptr a80386ProcessorO+14h, eax ; +0: _app_off_datapages
12201. ; +4: _app_off_pageshift
12202. ; +8: _app_eip_object
12203. ; +C: _app_esp_object
12204. ; +10: _app_eip
12205. ; +14: _app_esp
12206. ; +18: _unreloc_eip
12207. ; +20: _app_siz_fixrectab
12208. ; +24: _app_buf_fixrscstab
12209. ; +28: _app_size_lastpage
12210. mov al, fs:5
12211. and al, 0Fh
12212. cmp al, 4
12213. mov ax, 3006h
12214. jnz file_error
12215. mov ax, 4007h
12216. cmp _lobufsize, 2000h
12217. jb file_error
12218. retn
12219. ; END OF FUNCTION CHUNK FOR load_header
12220. ; ---------------------------------------------------------------------------
12221. ; START OF FUNCTION CHUNK FOR load_object
12222.  
12223. load_lc_object:
12224. mov ecx, 10h
12225. xor edx, edx
12226. mov _err_code, 3002h
12227. call load_fs_block
12228. mov eax, fs:0
12229. btr eax, 1Fh
12230. setb byte ptr a80386ProcessorO+2Ch ; +0: _app_off_datapages
12231. ; +4: _app_off_pageshift
12232. ; +8: _app_eip_object
12233. ; +C: _app_esp_object
12234. ; +10: _app_eip
12235. ; +14: _app_esp
12236. ; +18: _unreloc_eip
12237. ; +20: _app_siz_fixrectab
12238. ; +24: _app_buf_fixrscstab
12239. ; +28: _app_size_lastpage
12240. push eax
12241. call alloc_block
12242. mov ecx, eax
12243. mov edx, edi
12244. call fill_zero_pages
12245. mov _err_code, 3002h
12246. mov ebx, fs:4
12247. mov ecx, ebx
12248. jecxz loc_15A01
12249. cmp byte ptr a80386ProcessorO+2Ch, 0 ; +0: _app_off_datapages
12250. ; +4: _app_off_pageshift
12251. ; +8: _app_eip_object
12252. ; +C: _app_esp_object
12253. ; +10: _app_eip
12254. ; +14: _app_esp
12255. ; +18: _unreloc_eip
12256. ; +20: _app_siz_fixrectab
12257. ; +24: _app_buf_fixrscstab
12258. ; +28: _app_size_lastpage
12259. jnz short loc_159FE
12260. mov ax, 0FF91h
12261. int 21h ; DOS - DOS v??? - OEM FUNCTION
12262. mov ax, 4003h
12263. jb file_error
12264. mov dword ptr a80386ProcessorO+24h, esi ; +0: _app_off_datapages
12265. ; +4: _app_off_pageshift
12266. ; +8: _app_eip_object
12267. ; +C: _app_esp_object
12268. ; +10: _app_eip
12269. ; +14: _app_esp
12270. ; +18: _unreloc_eip
12271. ; +20: _app_siz_fixrectab
12272. ; +24: _app_buf_fixrscstab
12273. ; +28: _app_size_lastpage
12274. mov edx, ebx
12275. call decompress_data
12276. mov ax, 0FF92h
12277. mov esi, dword ptr a80386ProcessorO+24h ; +0: _app_off_datapages
12278. ; +4: _app_off_pageshift
12279. ; +8: _app_eip_object
12280. ; +C: _app_esp_object
12281. ; +10: _app_eip
12282. ; +14: _app_esp
12283. ; +18: _unreloc_eip
12284. ; +20: _app_siz_fixrectab
12285. ; +24: _app_buf_fixrscstab
12286. ; +28: _app_size_lastpage
12287. int 21h ; DOS - DOS v??? - OEM FUNCTION
12288. jmp short loc_15A01
12289. ; ---------------------------------------------------------------------------
12290.  
12291. loc_159FE:
12292. call load_gs_block
12293.  
12294. loc_15A01:
12295. pop ebp
12296. movzx ebx, word ptr fs:0Eh
12297. movzx edx, word ptr fs:8
12298. movzx esi, word ptr fs:0Ch
12299. pop ecx
12300. retn
12301. ; END OF FUNCTION CHUNK FOR load_object
12302. ; ---------------------------------------------------------------------------
12303. ; START OF FUNCTION CHUNK FOR preload_fixups
12304.  
12305. preload_lc_fixups:
12306. mov ecx, 0Ch
12307. xor edx, edx
12308. mov _err_code, 3002h
12309. call load_fs_block
12310. mov ax, 0FF91h
12311. mov ebx, fs:0
12312. btr ebx, 1Fh
12313. setb byte ptr a80386ProcessorO+2Ch ; +0: _app_off_datapages
12314. ; +4: _app_off_pageshift
12315. ; +8: _app_eip_object
12316. ; +C: _app_esp_object
12317. ; +10: _app_eip
12318. ; +14: _app_esp
12319. ; +18: _unreloc_eip
12320. ; +20: _app_siz_fixrectab
12321. ; +24: _app_buf_fixrscstab
12322. ; +28: _app_size_lastpage
12323. mov ecx, ebx
12324. inc ebx
12325. int 21h ; DOS - DOS v??? - OEM FUNCTION
12326. mov ax, 4003h
12327. jb file_error
12328. mov edx, ebx
12329. mov edi, ebx
12330. mov dword ptr a80386ProcessorO+24h, esi ; +0: _app_off_datapages
12331. ; +4: _app_off_pageshift
12332. ; +8: _app_eip_object
12333. ; +C: _app_esp_object
12334. ; +10: _app_eip
12335. ; +14: _app_esp
12336. ; +18: _unreloc_eip
12337. ; +20: _app_siz_fixrectab
12338. ; +24: _app_buf_fixrscstab
12339. ; +28: _app_size_lastpage
12340. call fill_zero_pages
12341. mov ebx, fs:4
12342. mov ecx, ebx
12343. cmp byte ptr a80386ProcessorO+2Ch, 0 ; +0: _app_off_datapages
12344. ; +4: _app_off_pageshift
12345. ; +8: _app_eip_object
12346. ; +C: _app_esp_object
12347. ; +10: _app_eip
12348. ; +14: _app_esp
12349. ; +18: _unreloc_eip
12350. ; +20: _app_siz_fixrectab
12351. ; +24: _app_buf_fixrscstab
12352. ; +28: _app_size_lastpage
12353. jnz short loc_15A87
12354. mov ax, 0FF91h
12355. inc ebx
12356. int 21h ; DOS - DOS v??? - OEM FUNCTION
12357. mov ax, 4003h
12358. jb file_error
12359. mov edx, ebx
12360. call decompress_data
12361. mov ax, 0FF92h
12362. int 21h ; DOS - DOS v??? - OEM FUNCTION
12363. jmp short loc_15A8A
12364. ; ---------------------------------------------------------------------------
12365.  
12366. loc_15A87:
12367. call load_gs_block
12368.  
12369. loc_15A8A: ; +4: _exec_handle
12370. mov dword ptr aThisProgramRequ+20h, edi ; +8: _exec_start
12371. ; +C: _srcaddr
12372. ; +10: _codesize
12373. ; +14: _app_num_objects
12374. ; +18: _app_off_objects
12375. ; +1C: _app_off_pagetab
12376. ; +20: _app_off_fixpagetab
12377. ; +24: _app_off_fixrectab
12378. add edi, fs:8
12379. mov dword ptr aThisProgramRequ+24h, edi ; +4: _exec_handle
12380. ; +8: _exec_start
12381. ; +C: _srcaddr
12382. ; +10: _codesize
12383. ; +14: _app_num_objects
12384. ; +18: _app_off_objects
12385. ; +1C: _app_off_pagetab
12386. ; +20: _app_off_fixpagetab
12387. ; +24: _app_off_fixrectab
12388. retn
12389. ; END OF FUNCTION CHUNK FOR preload_fixups
12390. ; ---------------------------------------------------------------------------
12391. ; START OF FUNCTION CHUNK FOR unload_fixups
12392.  
12393. unload_lc_fixups:
12394. mov ax, 0FF92h
12395. mov esi, dword ptr a80386ProcessorO+24h ; +0: _app_off_datapages
12396. ; +4: _app_off_pageshift
12397. ; +8: _app_eip_object
12398. ; +C: _app_esp_object
12399. ; +10: _app_eip
12400. ; +14: _app_esp
12401. ; +18: _unreloc_eip
12402. ; +20: _app_siz_fixrectab
12403. ; +24: _app_buf_fixrscstab
12404. ; +28: _app_size_lastpage
12405. int 21h ; DOS - DOS v??? - OEM FUNCTION
12406. retn
12407. ; END OF FUNCTION CHUNK FOR unload_fixups
12408.  
12409. ; =============== S U B R O U T I N E =======================================
12410.  
12411.  
12412. decompress_data proc near
12413. call load_gs_block
12414.  
12415. decompress:
12416. pushad
12417. mov byte ptr aSystemSoftwareD+4, 0 ; +3: _app_type
12418. ; +4: _app_load
12419. mov dword ptr aThisProgramRequ+0Ch, ebx ; +4: _exec_handle
12420. ; +8: _exec_start
12421. ; +C: _srcaddr
12422. ; +10: _codesize
12423. ; +14: _app_num_objects
12424. ; +18: _app_off_objects
12425. ; +1C: _app_off_pagetab
12426. ; +20: _app_off_fixpagetab
12427. ; +24: _app_off_fixrectab
12428. mov dword ptr aThisProgramRequ+10h, ecx ; +4: _exec_handle
12429. ; +8: _exec_start
12430. ; +C: _srcaddr
12431. ; +10: _codesize
12432. ; +14: _app_num_objects
12433. ; +18: _app_off_objects
12434. ; +1C: _app_off_pagetab
12435. ; +20: _app_off_fixpagetab
12436. ; +24: _app_off_fixrectab
12437. push edi
12438. mov ecx, _lobufsize
12439. mov esi, _lobufbase
12440. mov edi, _lobufzero
12441. call fill_zero_pages
12442. pop edi
12443. xor bx, bx
12444. mov edx, 0FEEh
12445.  
12446. loc_15AD8:
12447. shr bx, 1
12448. and dx, 0FFFh
12449. test bh, 1
12450. jz short loc_15B02
12451.  
12452. loc_15AE3:
12453. test bl, 1
12454. jz short loc_15B0E
12455. call getbyte
12456. js short loc_15AFA
12457. mov [esi+edx], al
12458. mov gs:[edi], al
12459. inc dx
12460. inc edi
12461. jmp short loc_15AD8
12462. ; ---------------------------------------------------------------------------
12463.  
12464. loc_15AFA: ; +4: _exec_handle
12465. mov dword ptr aThisProgramRequ+10h, edi ; +8: _exec_start
12466. ; +C: _srcaddr
12467. ; +10: _codesize
12468. ; +14: _app_num_objects
12469. ; +18: _app_off_objects
12470. ; +1C: _app_off_pagetab
12471. ; +20: _app_off_fixpagetab
12472. ; +24: _app_off_fixrectab
12473. popad
12474. retn
12475. ; ---------------------------------------------------------------------------
12476.  
12477. loc_15B02:
12478. call getbyte
12479. js short loc_15AFA
12480. or ah, 0FFh
12481. mov bx, ax
12482. jmp short loc_15AE3
12483. ; ---------------------------------------------------------------------------
12484.  
12485. loc_15B0E:
12486. call getbyte
12487. js short loc_15AFA
12488. mov cl, al
12489. call getbyte
12490. js short loc_15AFA
12491. mov ch, al
12492. shr ch, 4
12493. and ax, 0Fh
12494. add al, 2
12495. mov bp, ax
12496. test ax, ax
12497. jl short loc_15AD8
12498.  
12499. loc_15B2A:
12500. and cx, 0FFFh
12501. and dx, 0FFFh
12502. mov al, [esi+ecx]
12503. mov [esi+edx], al
12504. mov gs:[edi], al
12505. inc cx
12506. inc dx
12507. inc edi
12508. dec bp
12509. jns short loc_15B2A
12510. jmp short loc_15AD8
12511. decompress_data endp
12512.  
12513.  
12514. ; =============== S U B R O U T I N E =======================================
12515.  
12516.  
12517. getbyte proc near
12518. mov eax, dword ptr aThisProgramRequ+0Ch ; +4: _exec_handle
12519. ; +8: _exec_start
12520. ; +C: _srcaddr
12521. ; +10: _codesize
12522. ; +14: _app_num_objects
12523. ; +18: _app_off_objects
12524. ; +1C: _app_off_pagetab
12525. ; +20: _app_off_fixpagetab
12526. ; +24: _app_off_fixrectab
12527. mov al, gs:[eax]
12528. xor al, byte ptr aSystemSoftwareD+4 ; +3: _app_type
12529. ; +4: _app_load
12530. inc dword ptr aThisProgramRequ+0Ch ; +4: _exec_handle
12531. ; +8: _exec_start
12532. ; +C: _srcaddr
12533. ; +10: _codesize
12534. ; +14: _app_num_objects
12535. ; +18: _app_off_objects
12536. ; +1C: _app_off_pagetab
12537. ; +20: _app_off_fixpagetab
12538. ; +24: _app_off_fixrectab
12539. mov byte ptr aSystemSoftwareD+4, al ; +3: _app_type
12540. ; +4: _app_load
12541. dec dword ptr aThisProgramRequ+10h ; +4: _exec_handle
12542. ; +8: _exec_start
12543. ; +C: _srcaddr
12544. ; +10: _codesize
12545. ; +14: _app_num_objects
12546. ; +18: _app_off_objects
12547. ; +1C: _app_off_pagetab
12548. ; +20: _app_off_fixpagetab
12549. ; +24: _app_off_fixrectab
12550. retn
12551. getbyte endp
12552.  
12553. ; ---------------------------------------------------------------------------
12554. ; START OF FUNCTION CHUNK FOR start
12555.  
12556. load_pe_app: ; +3: _app_type
12557. mov byte ptr aSystemSoftwareD+3, 3 ; +4: _app_load
12558. mov ax, 3004h
12559. jmp file_error
12560. ; END OF FUNCTION CHUNK FOR start
12561. assume ss:seg003, ds:nothing
12562.  
12563. ; =============== S U B R O U T I N E =======================================
12564.  
12565.  
12566. public start
12567. start proc near
12568.  
12569. var_12 = byte ptr -12h
12570.  
12571. ; FUNCTION CHUNK AT 2C61 SIZE 0000000B BYTES
12572. ; FUNCTION CHUNK AT 2E0A SIZE 0000005D BYTES
12573.  
12574. push cs
12575. pop ds
12576. assume ds:TEXT16
12577. mov _seg_ds, ds
12578. mov _seg_es, es
12579. mov _seg_ss, ss
12580. mov ax, es:2Ch
12581. mov _seg_env, ax
12582. sti
12583. cld
12584. call get_default_config
12585. call get_environ_config ; also _app_buf_allocsel
12586. call copyright
12587. mov ax, ss
12588. mov si, es:2
12589. add ax, 0C0h ; 'À'
12590. mov _seg_buf, ax
12591. add ax, _lowmembuf
12592. mov _membase, ax
12593. sub si, ax
12594. jnb short loc_15BB6
12595.  
12596. @err1:
12597. neg si
12598. mov cl, 6
12599. shr si, cl
12600.  
12601. loc_15BAA:
12602. mov ax, 1001h
12603.  
12604. loc_15BAD:
12605. jmp report_error
12606. ; ---------------------------------------------------------------------------
12607.  
12608. @err2:
12609. mov ax, 1002h
12610. jmp report_error
12611. ; ---------------------------------------------------------------------------
12612.  
12613. loc_15BB6:
12614. sub ax, _seg_es
12615. mov bx, ax
12616. mov ah, 4Ah
12617. int 21h ; DOS - 2+ - ADJUST MEMORY BLOCK SIZE (SETBLOCK)
12618. ; ES = segment address of block to change
12619. ; BX = new size in paragraphs
12620. jb short @err2
12621. call pm32_info ; also mem_ptr
12622. pushf ; DOS32AWE ADDITION BEGIN: reject VCPI/DPMI
12623. cmp ch, 1
12624. jle short loc_15BD4
12625. mov ax, 8
12626. popf
12627. jmp report_error
12628. ; ---------------------------------------------------------------------------
12629.  
12630. loc_15BD4: ; DOS32AWE ADDITION END
12631. popf
12632. jnb short loc_15BDA
12633. jmp report_error
12634. ; ---------------------------------------------------------------------------
12635.  
12636. loc_15BDA:
12637. mov _buf_size, bx
12638. mov word ptr _cpu_type, cx
12639. call remove_kernel
12640. mov ax, _membase
12641. mov si, es:2
12642. add ax, bx
12643. sub si, ax
12644. jb short @err1
12645. add bx, _membase
12646. sub bx, _seg_es
12647. mov ah, 4Ah
12648. int 21h ; DOS - 2+ - ADJUST MEMORY BLOCK SIZE (SETBLOCK)
12649. ; ES = segment address of block to change
12650. ; BX = new size in paragraphs
12651. jb short @err2
12652. movzx eax, _seg_buf
12653. mov edx, eax
12654. sub ax, _seg_ds
12655. shl edx, 4
12656. shl eax, 4
12657. mov _lobufbase, eax
12658. mov _lobufzero, edx
12659. movzx eax, _seg_ds
12660. shl eax, 4
12661. mov dword_15FB6, eax
12662. movzx eax, _lowmembuf
12663. shl eax, 4
12664. mov _lobufsize, eax
12665. mov es, _membase
12666. mov bx, _version
12667. mov dx, offset critical_handler
12668. call pm32_init_new
12669. jb report_error
12670. cli
12671. mov _sel_cs, cs
12672. mov _sel_ds, ds
12673. mov _sel_es, es
12674. mov _sel_ss, ss
12675. mov _sel_esp, esp
12676. mov ax, es:2Ch
12677. mov _sel_env, ax
12678. mov _process_id, si
12679. push di
12680. push ecx
12681. call init_system
12682. call save_inttab
12683. call verbose_showsys
12684. pop ecx
12685. pop di
12686. sti
12687. call check_system
12688. mov fs, _sel_ss
12689. mov gs, _sel_zero
12690. call open_exec
12691. call load_exec_header
12692. call check_command_line
12693. cmp dx, 40h ; '@'
12694. jnz short loc_15CA2
12695. mov edx, dword ptr aThisProgramRequ+8 ; +4: _exec_handle
12696. ; +8: _exec_start
12697. ; +C: _srcaddr
12698. ; +10: _codesize
12699. ; +14: _app_num_objects
12700. ; +18: _app_off_objects
12701. ; +1C: _app_off_pagetab
12702. ; +20: _app_off_fixpagetab
12703. ; +24: _app_off_fixrectab
12704. test dx, dx
12705. jnz short load_bound_app
12706.  
12707. loc_15CA2:
12708. test si, si
12709. jnz short load_extrn_app
12710. call close_exec
12711. mov ax, 8001h
12712. jmp report_error
12713. ; ---------------------------------------------------------------------------
12714.  
12715. load_extrn_app:
12716. call close_exec
12717. call open_extrn_exec
12718. call load_extrn_exec_header
12719. call update_environment
12720. call remove_name_from_cmd
12721. mov edx, dword ptr aThisProgramRequ+8 ; +4: _exec_handle
12722. ; +8: _exec_start
12723. ; +C: _srcaddr
12724. ; +10: _codesize
12725. ; +14: _app_num_objects
12726. ; +18: _app_off_objects
12727. ; +1C: _app_off_pagetab
12728. ; +20: _app_off_fixpagetab
12729. ; +24: _app_off_fixrectab
12730.  
12731. load_bound_app:
12732. mov _err_code, 3002h
12733. call seek_from_start
12734. mov ecx, 4
12735. xor edx, edx
12736. call load_fs_block
12737. mov ax, fs:0
12738. mov bx, fs:2
12739. test bx, bx
12740. jnz short loc_15D01
12741. cmp ax, 'EL'
12742. jz load_le_app
12743. cmp ax, 'XL'
12744. jz load_lx_app
12745. cmp ax, 'CL'
12746. jz load_lc_app
12747. cmp ax, 'EP'
12748. jz load_pe_app
12749.  
12750. loc_15D01:
12751. call close_exec
12752. mov ax, 3004h
12753. jmp file_error
12754. start endp ; sp-analysis failed
12755.  
12756. ; ---------------------------------------------------------------------------
12757. ; START OF FUNCTION CHUNK FOR start
12758.  
12759. enter_32bit_code:
12760. test cs:_misc_byte_2, 10h
12761. jz short loc_15D1F
12762. sti
12763. mov al, '>'
12764. call printc
12765. xor ax, ax
12766. int 16h ; KEYBOARD - READ CHAR FROM BUFFER, WAIT IF EMPTY
12767. ; Return: AH = scan code, AL = character
12768. call printcr
12769.  
12770. loc_15D1F:
12771. cli
12772. cld
12773. call install_nullptr_protect
12774. mov ss, _sel32_ss
12775. assume ss:nothing
12776. mov esp, dword ptr a80386ProcessorO+14h ; +0: _app_off_datapages
12777. ; +4: _app_off_pageshift
12778. ; +8: _app_eip_object
12779. ; +C: _app_esp_object
12780. ; +10: _app_eip
12781. ; +14: _app_esp
12782. ; +18: _unreloc_eip
12783. ; +20: _app_siz_fixrectab
12784. ; +24: _app_buf_fixrscstab
12785. ; +28: _app_size_lastpage
12786. mov es, _sel_es
12787. mov fs, _sel_zero
12788. mov ds, _sel32_ss
12789. xor eax, eax
12790. xor ebx, ebx
12791. xor ecx, ecx
12792. xor edx, edx
12793. xor esi, esi
12794. xor edi, edi
12795. xor ebp, ebp
12796. mov gs, ax
12797. assume gs:nothing
12798. pushfd
12799. push large [dword ptr cs:_sel32_cs]
12800. push large [dword ptr cs:a80386ProcessorO+10h] ; +0: _app_off_datapages
12801. ; +4: _app_off_pageshift
12802. ; +8: _app_eip_object
12803. ; +C: _app_esp_object
12804. ; +10: _app_eip
12805. ; +14: _app_esp
12806. ; +18: _unreloc_eip
12807. ; +20: _app_siz_fixrectab
12808. ; +24: _app_buf_fixrscstab
12809. ; +28: _app_size_lastpage
12810. or byte ptr [esp+9], 2
12811. sti
12812. iretd
12813. ; END OF FUNCTION CHUNK FOR start
12814.  
12815. ; =============== S U B R O U T I N E =======================================
12816.  
12817.  
12818. init_system proc near
12819. xor eax, eax
12820. mov dword ptr a80386ProcessorO+14h, eax ; +0: _app_off_datapages
12821. ; +4: _app_off_pageshift
12822. ; +8: _app_eip_object
12823. ; +C: _app_esp_object
12824. ; +10: _app_eip
12825. ; +14: _app_esp
12826. ; +18: _unreloc_eip
12827. ; +20: _app_siz_fixrectab
12828. ; +24: _app_buf_fixrscstab
12829. ; +28: _app_size_lastpage
12830. mov dword ptr aThisProgramRequ+14h, eax ; +4: _exec_handle
12831. ; +8: _exec_start
12832. ; +C: _srcaddr
12833. ; +10: _codesize
12834. ; +14: _app_num_objects
12835. ; +18: _app_off_objects
12836. ; +1C: _app_off_pagetab
12837. ; +20: _app_off_fixpagetab
12838. ; +24: _app_off_fixrectab
12839. mov dword ptr a80386ProcessorO, eax ; +0: _app_off_datapages
12840. ; +4: _app_off_pageshift
12841. ; +8: _app_eip_object
12842. ; +C: _app_esp_object
12843. ; +10: _app_eip
12844. ; +14: _app_esp
12845. ; +18: _unreloc_eip
12846. ; +20: _app_siz_fixrectab
12847. ; +24: _app_buf_fixrscstab
12848. ; +28: _app_size_lastpage
12849. call setup_selector
12850. call setup_dta_buffer
12851. call initialize_mouse
12852. mov ax, 204h
12853. mov bl, 10h
12854. int 31h ; DPMI Services ax=func xxxxh
12855. ; GET PROTECTED MODE INTERRUPT VECTOR
12856. ; BL = interrupt number
12857. ; Return: CF set on error
12858. ; CF clear if successful, CX:DX / CX:EDX = selector:offset of handler
12859. mov _int10_._cs, cx
12860. mov _int10_._ip, edx
12861. mov bl, 21h ; '!'
12862. int 31h ; DPMI Services ax=func xxxxh
12863. ; GET PROTECTED MODE INTERRUPT VECTOR
12864. ; BL = interrupt number
12865. ; Return: CF set on error
12866. ; CF clear if successful, CX:DX / CX:EDX = selector:offset of handler
12867. mov _int21_._cs, cx
12868. mov _int21_._ip, edx
12869. mov bl, 23h ; '#'
12870. int 31h ; DPMI Services ax=func xxxxh
12871. ; GET PROTECTED MODE INTERRUPT VECTOR
12872. ; BL = interrupt number
12873. ; Return: CF set on error
12874. ; CF clear if successful, CX:DX / CX:EDX = selector:offset of handler
12875. mov _int23_._cs, cx
12876. mov _int23_._ip, edx
12877. mov bl, 33h ; '3'
12878. int 31h ; DPMI Services ax=func xxxxh
12879. ; GET PROTECTED MODE INTERRUPT VECTOR
12880. ; BL = interrupt number
12881. ; Return: CF set on error
12882. ; CF clear if successful, CX:DX / CX:EDX = selector:offset of handler
12883. mov _int33_._cs, cx
12884. mov _int33_._ip, edx
12885. mov ax, 202h
12886. xor ebx, ebx
12887.  
12888. loc_15DBC: ; DPMI Services ax=func xxxxh
12889. int 31h ; GET PROCESSOR EXCEPTION HANDLER VECTOR
12890. ; BL = exception number (00h-1Fh)
12891. ; Return: CF set on error
12892. ; CF clear if successful, CX:DX / CX:EDX = selector:offset of handler
12893. mov _exc_tab._cs[ebx*8], cx
12894. mov _exc_tab._ip[ebx*8], edx
12895. inc bl
12896. cmp bl, 0Fh
12897. jb short loc_15DBC
12898. call install_client_ints
12899. jb dpmi_error
12900. call win_focus_vm
12901. cmp _sys_type, 3
12902. jz short locret_15DF1
12903. cmp _process_id, 0
12904. jnz short locret_15DF1
12905. call restore_pit
12906.  
12907. locret_15DF1:
12908. retn
12909. init_system endp
12910.  
12911.  
12912. ; =============== S U B R O U T I N E =======================================
12913.  
12914.  
12915. check_system proc near
12916. test di, di
12917. jz short loc_15E02
12918. cmp di, _version
12919. jz short loc_15E02
12920. mov ax, 9006h
12921. call report_error
12922.  
12923. loc_15E02:
12924. cmp _sys_type, 3
12925. jz short loc_15E14
12926. test ecx, ecx
12927. jnz short loc_15E14
12928. mov ax, 9001h
12929. call report_error
12930.  
12931. loc_15E14:
12932. mov ax, 400h
12933. int 31h ; DPMI Services ax=func xxxxh
12934. ; GET DPMI VERSION
12935. ; Return: CF clear, AH = major version, AL = minor version
12936. ; BX = flags, CL = processor type
12937. ; DH = curr value of virtual master interrupt controller base
12938. ; DL = curr value of virtual slave interrupt controller base
12939. cmp dh, 8
12940. jnz short loc_15E23
12941. cmp dl, 70h ; 'p'
12942. jz short locret_15E2F
12943.  
12944. loc_15E23:
12945. movzx si, dh
12946. movzx di, dl
12947. mov ax, 9002h
12948. call report_error
12949.  
12950. locret_15E2F:
12951. retn
12952. check_system endp
12953.  
12954.  
12955. ; =============== S U B R O U T I N E =======================================
12956.  
12957.  
12958. remove_kernel proc near
12959. cmp _sys_type, 3
12960. jnz short locret_15E6C
12961. cli
12962. pop bp
12963. push es
12964. mov es, _seg_kernel
12965. mov si, 0
12966. mov cx, 1EE0h
12967. rep movsw
12968. pop es
12969. mov ax, dx
12970. shr ax, 4
12971. mov dx, ss
12972. sub dx, ax
12973. mov ss, dx
12974. mov dx, ds
12975. sub dx, ax
12976. mov ds, dx
12977. sub _seg_ds, ax
12978. sub _seg_ss, ax
12979. sub _seg_buf, ax
12980. sub _membase, ax
12981. push dx
12982. push bp
12983. sti
12984. retf
12985. ; ---------------------------------------------------------------------------
12986.  
12987. locret_15E6C:
12988. retn
12989. remove_kernel endp ; sp-analysis failed
12990.  
12991. ; ---------------------------------------------------------------------------
12992. align 2
12993. dfn_tab dfn_struc <offset aQuiet, 5, offset cfg_env_quiet> ; "QUIET"
12994. dfn_struc <offset aPrint, 5, offset cfg_env_print>
12995. dfn_struc <offset aSound, 5, offset cfg_env_sound>
12996. dfn_struc <offset aExtmem, 6, offset cfg_env_extmem>
12997. dfn_struc <offset aDosbuf, 6, offset cfg_env_dosbuf>
12998. dfn_struc <offset aDpmitst, 7, offset cfg_env_test>
12999. dfn_struc <offset aRestore, 7, offset cfg_env_restore>
13000. dfn_struc <offset aNullp, 5, offset cfg_env_nullp>
13001. dfn_struc <offset aVerbose, 7, offset cfg_env_verbose>
13002. dfn_struc <offset aNowarn, 6, offset cfg_env_nowarn>
13003. dfn_struc <offset aNo, 3, offset cfg_env_noc>
13004. dw 0FFFFh
13005. g_errtab errtabentry <0, 0, offset errtab_00xx>
13006. errtabentry <10h, 0, offset errtab_10xx>
13007. errtabentry <20h, 0, offset errtab_20xx>
13008. errtabentry <30h, 0, offset errtab_30xx>
13009. errtabentry <40h, 0, offset errtab_40xx>
13010. errtabentry <60h, 2, offset errtab_60xx>
13011. errtabentry <80h, 0, offset errtab_80xx>
13012. errtabentry <90h, 1, offset errtab_90xx>
13013. dw 0FFFFh
13014. h_errtab dw offset aDos32aweFatalW ; "DOS32AWE fatal (%w): "
13015. dw offset aDos32aweWarnin
13016. dw offset aDos32aweRunTim
13017. errtab_00xx dw offset aThisProgramRequ ; +4: _exec_handle
13018. dw offset a80386ProcessorO ; +8: _exec_start
13019. dw offset aSystemSoftwareD ; +C: _srcaddr
13020. dw offset aPresentDpmiHost ; +10: _codesize
13021. dw offset aIncompatibleVcp ; +14: _app_num_objects
13022. dw offset aCouldNotEnter32 ; +18: _app_off_objects
13023. dw offset aCouldNotAllocat ; +1C: _app_off_pagetab
13024. dw offset aCouldNotEnableA ; +20: _app_off_fixpagetab
13025. dw offset aPleaseRunDos32a ; +24: _app_off_fixrectab
13026. errtab_10xx dw offset _emptystring ; "not enough DOS memory, additional %dKB "...
13027. dw offset aNotEnoughDosMem
13028. dw offset aDosReportedInsu
13029. errtab_20xx dw offset aInvalidEnvironm ; "invalid environment"
13030. dw offset aCouldNotOpenExe
13031. dw offset aErrorInExecFile
13032. errtab_30xx dw offset _emptystring ; "could not open application file \"%s\""
13033. dw offset aCouldNotOpenApp
13034. dw offset aErrorInApplicat
13035. dw offset aFileSDoesNotCon
13036. dw offset aExecFormatNotSu
13037. dw offset aErrorInApplicat
13038. dw offset aExecFormatNotSu
13039. errtab_40xx dw offset _emptystring ; "too many objects in application exec \"%"...
13040. dw offset aTooManyObjectsI
13041. dw offset aNotEnoughDosM_0
13042. dw offset aNotEnoughExtend
13043. dw offset aNotEnoughExte_0
13044. dw offset aUnrecognizedFix
13045. dw offset a16bitFixupOverf
13046. dw offset aNotEnoughDosTra
13047. errtab_60xx dw offset aUnknownErrorCod ; "unknown error code (#%bh)"
13048. dw offset _emptystring
13049. dw offset aOutOfRealModeVi
13050. dw offset aOutOfProtectedM
13051. dw offset aExtendedMemoryB
13052. dw offset aDos4gApiCallsNo
13053. errtab_80xx dw offset _emptystring ; "syntax is DOS32AWE <execname.xxx>"
13054. dw offset aSyntaxIsDos32aw
13055. dw offset aDosReportedAnEr
13056. dw offset aDpmiHostReporte
13057. errtab_90xx dw offset _emptystring ; "no extended memory has been allocated"
13058. dw offset aNoExtendedMemor
13059. dw offset aPicsHaveBeenRel
13060. dw offset aRealModeInterru
13061. dw offset aMouseInitializa
13062. dw offset aObjectDContains
13063. dw offset aIncompatibleVer
13064. i_msg dw offset aIntegerDivision ; "integer division by zero"
13065. dw offset aHardwareBreakpo
13066. dw offset aNmi
13067. dw offset aSoftwareBreakpo
13068. dw offset aOverflowCheckFa
13069. dw offset aBoundsCheckFaul
13070. dw offset aInvalidOpcodeFa
13071. dw offset aCoprocessorNotA
13072. dw offset aDoubleFault
13073. dw offset aCoprocessorSegm
13074. dw offset aInvalidTssFault
13075. dw offset aSegmentNotPrese
13076. dw offset aStackFault
13077. dw offset aGeneralProtecti
13078. dw offset aPageFault
13079. dw offset _emptystring
13080. _misc_byte_1 db 3
13081. _misc_byte_2 db 7
13082. _version dw 0
13083. _cpu_type db 0
13084. _sys_type db 0
13085. _sys_misc dw 0
13086. _buf_size dw 0
13087. _pic_mask dw 0
13088. _err_code dw 0
13089. _acc_rights dw 0
13090. _mus_size dd 0
13091. _mus_backofs dw 0
13092. _mus_backseg dw 0
13093. _mus_ vec8 <0>
13094. _mus_data db 0
13095. db 0
13096. _seg_ds dw 0
13097. _seg_es dw 0
13098. _seg_ss dw 0
13099. _seg_env dw 0
13100. _seg_buf dw 0
13101. _seg_dta dw 0
13102. _seg_mus dw 0
13103. _seg_id32 dw 0
13104. _seg_kernel dw 0
13105. _sel_cs dw 0
13106. _sel_ds dw 0
13107. _sel_es dw 0
13108. _sel_esp dd 0
13109. _sel_ss dw 0
13110. _sel_zero dw 0
13111. _sel_env dw 0
13112. _process_id dw 0
13113. _sel32_cs dw 0
13114. db 0
13115. db 0
13116. _sel32_ss dw 0
13117. db 2 dup(0)
13118. _membase dw 0
13119. _lowmembuf dw 0
13120. _lobufzero dd 0
13121. _lobufbase dd 0
13122. _lobufsize dd 0
13123. dword_15FB6 dd 0
13124. _dta_sel dw 0
13125. _dta_ofs dd 0
13126. _app_dta_sel dw 0
13127. _app_dta_ofs dd 0
13128. _int10_ vec8 <0>
13129. _int21_ vec8 <0>
13130. _int23_ vec8 <0>
13131. _int33_ vec8 <0>
13132. _exc_tab vec8 10h dup(<0>)
13133. _emptystring db 0
13134. cpr_msg db 'DOS32AWE -- DOS Extender version x.x.x',0Dh,0Ah
13135. db 'Copyright (C) 1996-2006 by Narech K.',0Dh,0Ah
13136. db 0Dh,0Ah
13137. db 'AWEUTIL support V1.9 by George L',0Dh,0Ah
13138. db 0Dh,0Ah
13139. aDos32aweFatalW db 'DOS32AWE fatal (%w): ',0
13140. aDos32aweWarnin db 'DOS32AWE warning (%w): ',0
13141. aDos32aweRunTim db 'DOS32AWE run-time (%w): ',0
13142. aDos32aweQuietpr db 'DOS32AWE='
13143. aQuiet db 'QUIET'
13144. aPrint db 'PRINT'
13145. aSound db 'SOUND'
13146. aExtmem db 'EXTMEM'
13147. aDosbuf db 'DOSBUF'
13148. aDpmitst db 'DPMITST'
13149. aRestore db 'RESTORE'
13150. aNullp db 'NULLP'
13151. aVerbose db 'VERBOSE'
13152. aNowarn db 'NOWARN'
13153. aNo db 'NOC'
13154. align 4
13155. aThisProgramRequ db 'this program requires DOS 4.0 or higher',0 ; +4: _exec_handle
13156. ; +8: _exec_start
13157. ; +C: _srcaddr
13158. ; +10: _codesize
13159. ; +14: _app_num_objects
13160. ; +18: _app_off_objects
13161. ; +1C: _app_off_pagetab
13162. ; +20: _app_off_fixpagetab
13163. ; +24: _app_off_fixrectab
13164. a80386ProcessorO db '80386 processor or better required to run protected mode',0 ; +0: _app_off_datapages
13165. ; +4: _app_off_pageshift
13166. ; +8: _app_eip_object
13167. ; +C: _app_esp_object
13168. ; +10: _app_eip
13169. ; +14: _app_esp
13170. ; +18: _unreloc_eip
13171. ; +20: _app_siz_fixrectab
13172. ; +24: _app_buf_fixrscstab
13173. ; +28: _app_size_lastpage
13174. aSystemSoftwareD db 'system software does not follow VCPI/DPMI specifications',0 ; +3: _app_type
13175. ; +4: _app_load
13176. aPresentDpmiHost db 'present DPMI host does not support 32bit applications',0
13177. aIncompatibleVcp db 'incompatible VCPI PIC mappings',0
13178. aCouldNotEnter32 db 'could not enter 32bit protected mode',0
13179. aCouldNotAllocat db 'could not allocate system selectors',0
13180. aCouldNotEnableA db 'could not enable A20 line',0
13181. aPleaseRunDos32a db 'Please run DOS32AWE under Real Mode DOS only (remove EMM)',0
13182. aNotEnoughDosMem db 'not enough DOS memory, additional %dKB needed',0
13183. aDosReportedInsu db 'DOS reported insufficient memory',0
13184. aInvalidEnvironm db 'invalid environment',0
13185. aCouldNotOpenExe db 'could not open exec file "%s"',0
13186. aErrorInExecFile db 'error in exec file "%s"',0
13187. aCouldNotOpenApp db 'could not open application file "%s"',0
13188. aErrorInApplicat db 'error in application file "%s"',0
13189. aFileSDoesNotCon db 'file "%s" does not contain any valid exec format',0
13190. aExecFormatNotSu db 'exec format not supported in file "%s"',0
13191. aTooManyObjectsI db 'too many objects in application exec "%s"',0
13192. aNotEnoughDosM_0 db 'not enough DOS memory to load application exec "%s"',0
13193. aNotEnoughExtend db 'not enough extended memory to load application exec "%s"',0
13194. aNotEnoughExte_0 db 'not enough extended memory to load fixups for exec "%s"',0
13195. aUnrecognizedFix db 'unrecognized fixup data in application exec "%s"',0
13196. a16bitFixupOverf db '16bit fixup overflow in application exec "%s"',0
13197. aNotEnoughDosTra db 'not enough DOS Transfer Buffer space to load LC-exec "%s"',0
13198. aSyntaxIsDos32aw db 'syntax is DOS32AWE <execname.xxx>',0
13199. aDosReportedAnEr db 'DOS reported an error (#%wh)',0
13200. aDpmiHostReporte db 'DPMI host reported an error (#%wh)',0
13201. aNoExtendedMemor db 'no extended memory has been allocated',0
13202. aPicsHaveBeenRel db 'PICs have been relocated to INT %bh, INT %bh',0
13203. aRealModeInterru db 'real mode interrupt vector has been modified: INT %bh',0
13204. aMouseInitializa db 'mouse initialization failed',0
13205. aObjectDContains db 'object #%d contains no data or code',0
13206. aIncompatibleVer db 'incompatible version of DOS/32A already running',0
13207. aUnknownErrorCod db 'unknown error code (#%bh)',0
13208. aOutOfRealModeVi db 'out of real-mode virtual stacks',0
13209. aOutOfProtectedM db 'out of protected-mode virtual stacks',0
13210. aExtendedMemoryB db 'extended memory blocks have been corrupted (#%l)',0
13211. aDos4gApiCallsNo db 'DOS/4G API calls not supported',0
13212. aProcessorDSyste db 'Processor: %d, System: %s, Memory: DOS=%dKB, DPMI=%d%s',0Dh,0Ah,0
13213. systypes str4 <'NONE'>
13214. str4 <'XMS'>
13215. str4 <'VCPI'>
13216. str4 <'DPMI'>
13217. header_types str2 <'LE'>
13218. str2 <'LX'>
13219. str2 <'LC'>
13220. str2 <'PE'>
13221. aKb db 'KB',0
13222. aMb db 'MB',0
13223. aLoadingProgramS db 'Loading program "%s", %s-style',0Dh,0Ah,0
13224. aObjectDLoadedAt db 'Object #%d loaded at %l, V/Psize: %l/%l, Flags=%w, Sel=%w',0Dh,0Ah,0
13225. aStartupCsEipWLS db 'Startup CS:EIP=%w:%l, SS:ESP=%w:%l, %s EIP=%d:%l',0Dh,0Ah
13226. db 'Memory left: DOS=%dKB, DPMI=%d%s. PSP_Sel=%w, Env_Sel=%w, Env_Seg'
13227. db '=%w',0Dh,0Ah,0
13228. aException db 'exception',0
13229. aUnexpectedInter db 'unexpected interrupt',0
13230. aSBhIdentitySAtW db '%s %bh',0Dh,0Ah
13231. db 'Identity: %s at %w:%l',0Dh,0Ah,0
13232. aSCrashAddressDL db '%s crash address %d:%l',0
13233. aErrorCodePushed db ', error code pushed on stack %l',0
13234. aLinear db 'Linear',0
13235. aUnrelocated db 'Unrelocated',0
13236. aModuleNameSProc db 'Module name: "%s", ProcessId=%w',0Dh,0Ah,0
13237. aNullPointerProt db 'Null-pointer protection at %w:%l',0Dh,0Ah,0
13238. aEflagsLL_L db 'EFLAGS = %l [%l.%l] ',0
13239. aCsEipBBBBBBBBBB db 'CS:[EIP] = %b %b %b %b %b %b %b %b %b %b',0
13240. aEaxLEsiLDr6LSsE db 'EAX = %l ESI = %l DR6 = %l SS:[ESP+00] = %l',0Dh,0Ah,0
13241. aEbxLEdiLCr0LSsE db 'EBX = %l EDI = %l CR0 = %l SS:[ESP+04] = %l',0Dh,0Ah,0
13242. aEcxLEbpLCr2LSsE db 'ECX = %l EBP = %l CR2 = %l SS:[ESP+08] = %l',0Dh,0Ah,0
13243. aEdxLEspLCr3LSsE db 'EDX = %l ESP = %l CR3 = %l SS:[ESP+0C] = %l',0Dh,0Ah,0
13244. aInvalidSelector db 'Invalid selector',0
13245. aNullSelector db 'NULL selector',0
13246. aCsW db 'CS: = %w ',0
13247. aDsW db 'DS: = %w ',0
13248. aEsW db 'ES: = %w ',0
13249. aSsW db 'SS: = %w ',0
13250. aFsW db 'FS: = %w ',0
13251. aGsW db 'GS: = %w ',0
13252. aBaseLLimitLGrSS db 'Base=%l Limit=%l Gr=%s Seg=%s/%dbit Type=%d Acc=%w',0Dh,0Ah,0
13253. selmsg9 str4 <'BYTE'>
13254. str4 <'PAGE'>
13255. selmsg8 str4 <'DATA'>
13256. str4 <'CODE'>
13257. aKernel db 'KERNEL=',0
13258. aClient db 'CLIENT=',0
13259. aApp32 db 'APP/32=',0
13260. aApp?? db 'APP/??=',0
13261. aIntegerDivision db 'integer division by zero',0
13262. aHardwareBreakpo db 'hardware breakpoint',0
13263. aNmi db 'NMI',0
13264. aSoftwareBreakpo db 'software breakpoint',0
13265. aOverflowCheckFa db 'overflow check fault',0
13266. aBoundsCheckFaul db 'bounds check fault',0
13267. aInvalidOpcodeFa db 'invalid opcode fault',0
13268. aCoprocessorNotA db 'coprocessor not available',0
13269. aDoubleFault db 'double fault',0
13270. aCoprocessorSegm db 'coprocessor segment overrun',0
13271. aInvalidTssFault db 'invalid TSS fault',0
13272. aSegmentNotPrese db 'segment not present fault',0
13273. aStackFault db 'stack fault',0
13274. aGeneralProtecti db 'general protection fault',0
13275. aPageFault db 'page fault',0
13276. align 10h
13277. TEXT16 ends
13278.  
13279. ; ===========================================================================
13280.  
13281. ; Segment type: Uninitialized
13282. seg003 segment byte stack 'STACK' use16
13283. assume cs:seg003
13284. assume es:nothing, ss:nothing, ds:nothing, fs:nothing, gs:nothing
13285. byte_16CC0 db 800h dup(?)
13286. seg003 ends
13287.  
13288.  
13289. end start
13290.