CS:EIP in comparison

Question

I'm trying to understand booting in xv6 (a teaching OS) with gdb.

One of the instructions during the initial boot is (AT&T syntax):

cmpl 0x0,%cs:0x65a4

And then,

jne 0xfd2b9

Now, from what I understand, cmpl compares the two values and sets flags, jne looks at the flags and jumps if the values just compared were not equal.

But I don't understand the meaning of %cs:0x65a4 as the operand. Is this referring to the value of the address (cs*16 + 65a4), or the actual contents of that memory location?

I'm asking because the system doesn't end up jumping after the jne instruction, which means the second operand (%cs:0x65a4) evaluated to zero. But that shouldn't be, since neither the address nor its contents is zero.

Answer 1

Is this referring to the value of the address (cs*16 + 65a4), or the actual contents of that memory location?

The 32-bit word in the memory located at the address (cs*0x10 + 0x65a4) is compared to the value 0 - assuming the CPU runs in "real mode".

However something appears very strange to me:

You talk about "cs*0x10" which is the address calculation for "real mode". Since the 80286 there is a second addressing mode called "protected mode". In this mode the absolute address cannot be calculated that simply...

The CPU can only be in "32-bit mode" when it is running in protected mode. The 16-bit and the 32-bit instruction set of x86 CPUs is different!

And "jne 0xfd2b9" definitely is a 32-bit instruction and EIP is definitely a 32-bit register.

So either ...

• ... the CPU runs in real mode but the disassemled code you see is 32-bit code (so the disassembly is wrong)
• ... the CPU runs in real mode but you assembled 32-bit code (so the code is wrong)
• ... the CPU runs in protected mode so the calculation cs*0x10 is wrong