Calling C&T SCALL safely

If you haven’t heard about C&T Super386 CPU I strongly suggest first reading those two great post from by Michal Necasek – otherwise the rest of this post will not make much sense to you:

Below is a code that – thanks to kindness of Michal Necasek has been tested on actual C&T Super386  hardware – detects this rare CPU in a safe manner. The code is written in assembly language using FASM syntax and I tried my best to comment it in order to aid in its analysis by others.

The algorithm is simple:

  1. (Optionally: CHKWIN) detect if Windows are running.
  2. Check if CPU is 186 (I assume than no one today will run the code on 8080 or 8086 or Nec V20 for example). If yes proceed to next step, if no exit.
  3. Check if CPU is 286. If yes proceed to next step, if no exit.
  4. (Optionally: CHKPM) Use 286 non-priviledge SMSW instruction to test for real mode. If CPU isn’t running in real mode then quit.
  5. Check if CPU is 386. If yes proceed to next step, if no exit.
  6.  Install own exception handler for undefined opcode (INT 6).
  7. Trigger SCALL instruction – if SCALL isn’t supported by the CPU own exception handler installed in previous step will be triggered. If no INT 6 is triggered C&T Supe386 CPU is assumed to be detected. Otherwise this is not a C&T Super386 based system.
  8. Uninstall exception handler by restoring original INT 6 vector. This step is executed regardless of SCALL test result.
  9.  Return to DOS.

The checks for Windows (CHKWIN option) and protected/v86 mode (CHKPM option) were introduce due to the fact that I don’t know how SCALL works internally and could theoretically crash system. Above checks can be disabled by setting their corresponding equates to 0. By default those options are set to 1.

There is one more option: DEBUG that if set to 1 emits additional NOP instruction right after SCALL. This can be used as placeholder for INT 3 (int3 in FASM synatx) instruction if you wish to analyze the registers state after SCALL is executed correctly. This option is turned off (set to 0) by default.

I hope that in a near feature we will learn more about SCALL instruction and SuperV state. It is interesting to see a solution that predates SMM and could be in fact more advanced in some areas.

Last but not least I’d like to thank Michal Necasek for testing the provided code thus making it possible to publish it and for writing his amazing blog.

You can browse and download source code including binary from github.



One thought on “Calling C&T SCALL safely

  1. Pingback: fasm g: Calling C&T SCALL safely | corexor

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s