The MASM Forum Archive 2004 to 2012

After Lock Extended Memory Block (Function 0Ch) in DX:BX returns 32-bit physical address of the locked block. Is it possible to write/read directly to memory using this address?
I trying do this using zero segment register with no success.

MS DOS 8.0

AFAIK you would need to be running in PM to use the 32-bit physical address, in which case, assuming that there were no PM OS to stop you from doing so, you would be able to reach any arbitrary address without the aid of the XMS driver.

I make DOS for emergency, and include in it copy utility (and many other soft). MS DOS 8.0 have included HIMEM.SYS (XMSv3.0 - 4G Memory) to IO.SYS, and use UNREAL MODE (?) for all memory access. But this HIMEM.SYS (as last standallone version for MS DOS 7.1) use for moving memory blocks between convectional and upper memory MOVSW, but I want use MOVSD.

HIMEM.SYS creates a window in the physical address space (like segment 0E000h or similar)
i guess it must switch to protected mode to copy the RAM contents back and forth
device drivers are pretty simple   :P
and - HIMEM.SYS is probably pretty small - hint, hint   :8)

http://www.os2museum.com/wp/?p=322

COPY, XCOPY, Norton Commander, Volkov Comander etc copy files very very slow under DOS. So in emergency situation it's possible only pack files in image using Acronis True Image or Terabyte Image. I make two utilities for copying which copy only 1.5 time slower than Windows do for my IDE-UDMA-100. One use only convectional memory, second use XMS 32 mb buffer. They copy 1 g file 42 sec. But if I use first and copy files through RAM DISK 1 g copies 20+17=37 sec. And I can't understand where this 5 sec

Line A20 was closed, may be deal in it  :lol

YES!!!!!!!!!!

Quote.386
CSEG segment use16
assume cs:cseg, ds:cseg, ss:cseg, es:cseg
org  100h
Start:
   xor   ax, ax
   mov   es, ax
   in   al, 92h
   or   al, 02h
   out   92h, al
   mov   bx, 0f01h
   mov   eax, 0b8000h
   mov   word ptr es:[eax], bx
   ret
CSEG ends
end Start

(http://s019.radikal.ru/i620/1204/67/829bcf759c96.gif)

bomz is happy   :U

(http://smiles.kolobok.us/standart/yes3.gif)

QuoteGlobal Enable A20 (Function 03h):
---------------------------------

    ARGS:   AH = 03h
    RETS:   AX = 0001h if the A20 line is enabled,
                 0000h otherwise
    ERRS:   BL = 80h if the function is not implemented
            BL = 81h if a VDISK device is detected
            BL = 82h if an A20 error occurs

    This function attempts to enable the A20 line.  It should only be
used by programs which have control of the HMA.  The A20 line
should be turned off via Function 04h (Global Disable A20) before a
program releases control of the system.

    NOTE: On many machines, toggling the A20 line is a relatively
          slow operation.


Global Disable A20 (Function 04h):
----------------------------------

    ARGS:   AH = 04h
    RETS:   AX = 0001h if the A20 line is disabled,
                 0000h otherwise
    ERRS:   BL = 80h if the function is not implemented
            BL = 81h if a VDISK device is detected
            BL = 82h if an A20 error occurs
            BL = 94h if the A20 line is still enabled

    This function attempts to disable the A20 line.  It should only
be used by programs which have control of the HMA.  The A20 line
should be disabled before a program releases control of the system.

    NOTE: On many machines, toggling the A20 line is a relatively
          slow operation.


Local Enable A20 (Function 05h):
--------------------------------

    ARGS:   AH = 05h
    RETS:   AX = 0001h if the A20 line is enabled,
                 0000h otherwise
    ERRS:   BL = 80h if the function is not implemented
            BL = 81h if a VDISK device is detected
            BL = 82h if an A20 error occurs

    This function attempts to enable the A20 line.  It should only
be used by programs which need direct access to extended memory.
Programs which use this function should call Function 06h (Local
Disable A20) before releasing control of the system.

    NOTE: On many machines, toggling the A20 line is a relatively
          slow operation.


Local Disable A20 (Function 06h):
---------------------------------

    ARGS:   AH = 06h
    RETS:   AX = 0001h if the function succeeds,
                 0000h otherwise
    ERRS:   BL = 80h if the function is not implemented
            BL = 81h if a VDISK device is detected
            BL = 82h if an A20 error occurs
            BL = 94h if the A20 line is still enabled

    This function cancels a previous call to Function 05h (Local
Enable A20).  It should only be used by programs which need direct
access to extended memory.  Previous calls to Function 05h must be
canceled before releasing control of the system.

    NOTE: On many machines, toggling the A20 line is a relatively
          slow operation.


Query A20 (Function 07h):
-------------------------

    ARGS:   AH = 07h
    RETS:   AX = 0001h if the A20 line is physically enabled,
                 0000h otherwise
    ERRS:   BL = 00h if the function succeeds
            BL = 80h if the function is not implemented
            BL = 81h if a VDISK device is detected

    This function checks to see if the A20 line is physically enabled. 
It does this in a hardware independent manner by seeing if "memory
wrap" occurs.

(http://smiles.kolobok.us/standart/cray2.gif)

Make new program with right access to memory - it's work. But conflict with Paragon NTFS driver occurs, any access (read or write) to memory using 32 bit address higher than 0:0FFFEh hang system. In the same time XMS manager HIMEM.SYS move blocks good. STI CLI, close A20, zero upper part of rigisters don't give any result. If run HDPMI only - any conflict. I don't know what to do

(http://smiles.kolobok.us/standart/ireful3.gif)

Quote; Now we have:
      ;   ESI = 32 bit Source Linear Address
      ;   EDI = 32 bit Destination Linear Address
      ;   DS = ES = 0
      ; If the limit of DS or ES is still the Real Mode
      ; default of 64k and ESI or EDI is greater than 64k,
      ; these instructions will fault with an int 13.
      ; In this case, our int 13 handler will set up
      ; the descriptors to have 4Gb limits (real big mode)
      ; and will iret to the faulting instruction.

Depending on what PM software you have running on the system, any of which could alter your 32-bit segment limit, your exception handler could be very busy.

XMS Manager hook int13h

Quoteassume   es:Zero
   mov   ax, cs
   shl   eax, 16
   mov   ax, offset code:Int13Handler+MEM3_Offset
   cli
   push   [OldInt13]         ; For reentrancy
   xchg   eax, [Int13Vector]      ; Install our int 13 handler
   mov   [OldInt13], eax
   sti

   push   ds
   mov   ds, cx
assume   ds:Zero
   mov   ecx, [bp.Count]
   shr   ecx, 1            ; Now DWORD count
                  ; Odd word count in carry
      ; Now we have:
      ;   ESI = 32 bit Source Linear Address
      ;   EDI = 32 bit Destination Linear Address
      ;   DS = ES = 0
      ; If the limit of DS or ES is still the Real Mode
      ; default of 64k and ESI or EDI is greater than 64k,
      ; these instructions will fault with an int 13.
      ; In this case, our int 13 handler will set up
      ; the descriptors to have 4Gb limits (real big mode)
      ; and will iret to the faulting instruction.

      ; The following persuades masm to output
      ; both a 66h and 67h prefix
Fault0:
   rep movs dword ptr [esi], dword ptr [edi]   ; DWORDS first
         ; THE NEXT INSTRUCTION MUST HAVE ADDRESS SIZE OVERRIDE
   db   67h      ; CHIP BUG - DO NOT REMOVE
   nop         ; CHIP BUG - DO NOT REMOVE

   rcl   ecx, 1
Fault1:
   rep movs word ptr [esi], word ptr [edi]      ; Now the odd word
         ; THE NEXT INSTRUCTION MUST HAVE ADDRESS SIZE OVERRIDE
   db   67h      ; CHIP BUG - DO NOT REMOVE
   nop         ; CHIP BUG - DO NOT REMOVE

   pop   ds
assume   ds:code
   pop   eax            ; saved [OldInt13]
   cli               ; NECESSARY
   xchg   eax, [OldInt13]   ; OldInt13 potentially INVALID
   mov   [Int13Vector], eax      ; Deinstall our handler
   sti

Have complicate code int13h including switching to protected mode

QuoteInt13Handler   proc   far
assume   cs:code, ds:nothing, es:nothing
   push   bp
   mov   bp, sp         ; Base to look at faulting address
   push   ax

   mov   al, 0Bh         ; Party on PIC to see if interrupt
   out   20h, al
   in   al, 20h         ; ISR
   test   al, 20h         ; IRQ5, int 13
   jnz   short NotOurInt13

   mov   ax, cs
   cmp   [bp+4], ax      ; Fault from our cs?
   jne   short NotOurInt13   ;   no, SOMETHING IS FUNNY!
   cmp   word ptr [bp+2], offset code:Fault0+MEM3_Offset
   je   short LoadDescriptorCache
   cmp   word ptr [bp+2], offset code:Fault1+MEM3_Offset
   jne   short NotOurInt13   ; Not one of our instructions ????

LoadDescriptorCache:
   mov   bx, descRealBig - OurGDT   ; Special 4Gb selector
   lgdt   qword ptr cs:[GDTPtr]

   mov   eax, cr0
   or   al,1
   mov   cr0, eax         ; Go into Protected Mode
                  ; NOTE: NMIs will kill us!!!

   db   0eah            ; jmp far flush_prot
   dw   offset code:flush_prot+MEM3_Offset     ; Clears the prefetch
   dw   descCS - OurGDT   

flush_prot:
   mov   es, bx            ; Set up the segments we want
   mov   ds, bx

   and   al, 0FEh
   mov   cr0, eax         ; Return to Real Mode

   db   0EAH         ; jmp far flush_real
   dw   offset code:flush_real+MEM3_Offset
patch3   equ word ptr ($+MEM3_Offset)
   dw   0

flush_real:
   xor   ax, ax
   mov   ds, ax
   mov   es, ax

   pop   ax
   pop   bp
   iret               ; Back to faulting instruction

NotOurInt13:
   pop   ax
   pop   bp
   jmp   cs:[OldInt13]

Int13Handler   endp

and main use MOVSD to move blocks. so do this more quickly impossible