BIOS ROM是如何映射到PC上的地址空间的?
x86 CPU 从物理地址 0xFFFFFFF0 开始执行。 BIOS ROM 位于地址空间的末尾。 CPU 从 ROM 执行的第一条指令是远跳转,这会导致 CS 段重新加载,因此下一条指令从物理区域 0x000F0000 - 0x000FFFFF 内执行。
是什么导致 ROM 在两个区域都有响应? PC上有什么特殊的地址解码逻辑吗?我在 Bochs 源代码中发现注释,指出 BIOS ROM 的最后 128K 映射到 0xE0000 - 0xFFFFF。但是我找不到有关此的更多信息。显然,这是 PC 特有的,因为我有 x86 嵌入式板,并且此类镜像不会发生在那里。我只能使用近跳。
The x86 CPU begins execution at physical address 0xFFFFFFF0. There at the end of the address space the BIOS ROM is located. The first instruction the CPU executes from the ROM is far jump which causes the CS segment to be reloaded so the next instruction is executed from within the physical region 0x000F0000 - 0x000FFFFF.
What causes the ROM to respond on both regions? Is there some special address decoding logic on PC? I found comment in Bochs source code that states that last 128K of BIOS ROM is mapped to 0xE0000 - 0xFFFFF. However I cannot find more info about this. Clearly this is something PC specific since I have x86 embedded board and such mirroring does not happen there. I can only use near jump.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
在 PC 上,总是涉及一些地址解码逻辑,因为物理地址空间中存在一些“孔/窗口”,通过这些孔/窗口可以访问 BIOS ROM 和 I/O 设备(例如视频卡)而不是 RAM。这是出于兼容性原因而设计的,因此较旧的程序仍然可以在较新的计算机上运行。
至于CPU复位后开始执行的起始地址,如果你看文档,你会发现Pentium级CPU是这样开始的:
EIP=0xFFF0
CS.选择器=0xF000
CS.Base=0xFFFF0000
如果遵循正常的实模式寻址方案,则物理地址应为 CS.Selector*16+IP,或者替换值后为 0xFFFF0。然而,CPU实际上使用CS.Base+(E)IP计算地址(在真实和16/32位保护模式下,但不在虚拟8086或64位保护模式下),因此CPU请求的第一个地址内存中的值将是 0xFFFFFFF0。您无法使用远跳转到 ROM 中高地址处的代码,可能是因为加载到 CS 中会将 CS.Base 重置为 16 * CS.Selector 的新值。因此,跳转到 0xF000:0xFFF0 会将控制权转移到 0xFFFF0 而不是 0xFFFFFFF0,除非 ROM 也映射到内存中的该低位置,并且其中的代码适合使用 CS(.Selector)=0xF000 运行,它不会运行。
此外,如果 PC 限制为最多 16MB(如 i80286 和 i80386SX)或 4GB(如 i80386DX/original 上),则 CPU 及其周围的电路都不必支持所有 32 个(或更多)地址线。 i80386 和 i80486) 或 240-52 字节(在支持 64 位的奔腾级 CPU),如果是这种情况,如果忽略物理地址空间中的多个高位,则可以说执行有效地从低于理论最大值 - 16 的地址开始,例如 0x00FFFFF0 (i80286/i80386SX) 。
如果您需要解决主板问题,请参阅其文档和原理图,了解 ROM 如何映射到其物理地址空间。
On the PC there's always some address decoding logic involved because there are a few "holes/windows" in the physical address space through which the BIOS ROM and I/O devices (e.g. video card) are accessible instead of the RAM. That's by design, for compatibility reasons, so older programs can still run on newer computers.
As for the initial address at which the CPU starts execution after a reset, if you look at the documentation, you will see that Pentium-class CPUs start with this:
EIP=0xFFF0
CS.Selector=0xF000
CS.Base=0xFFFF0000
If you follow the normal real-mode addressing scheme, the physical address should be CS.Selector*16+IP, or, with the values substituted, 0xFFFF0. However, the CPU actually calculates the address using CS.Base+(E)IP (in the real and 16/32-bit protected mode, but not in virtual 8086 or 64-bit protected mode), hence the first address that the CPU requests from the memory is going to be 0xFFFFFFF0. Your inability to use far jumps to code within the ROM at that high address may be due to the fact that loading into CS will reset CS.Base to 16 * the new value of CS.Selector. So, jumping to, say, 0xF000:0xFFF0 will transfer control to 0xFFFF0 instead of 0xFFFFFFF0 and unless the ROM is also mapped at that low location in the memory and the code in it is suited for running with CS(.Selector)=0xF000, it's not going to run.
Also, neither the CPU nor the circuitry around it has to support all 32 (or more) address lines if the PC is limited to have at most 16MB (as it was on i80286 and i80386SX) or 4GB (as it was on i80386DX/original i80386 and i80486) or 240-52 bytes (on 64-bit capable Pentium-class CPUs) and if that's the case, if a number of high bits in the physical address space are ignored, execution can be said to effectively start at an address lower than the theoretical maximum - 16, e.g. 0x00FFFFF0 (i80286/i80386SX).
If you need to resolve problems with your board, see its documentation and schematics to find out how the ROM is mapped into the physical address space on it.
由于内存别名,ROM 对这两个区域都有响应。根据此 博士。英特尔的 Pete Dice 撰写的 Dobbs 文章:
查看这篇文章,了解有关设备内存映射以及内存初始化、配置和测试的更多底层详细信息。
ROM responds to both regions due to memory aliasing. According to this Dr. Dobbs article written by Pete Dice of Intel:
Check out the article for more low level details on device memory mapping and memory initialization, configuration, and testing.