0

I loaded this code off of the disk at 0x1000:0x0000

Here is the memory address of wtf being pushed onto the stack in segment 0x1000, then returning to segment 0:

mov ax, wtf
push ax
push ds

mov ax, 0
push ax
mov ax, word [ds:0x1000]
push ax
retf ;going back to segment 0

wtf db 'hi', 0

and here is me trying to access the memory address from segment 0

mov ax, 0x1000
mov ds, ax

mov ah, 0x0e
mov al, byte [ds:0x004e]
int 0x10

im using 0x004e because that is the value that got pushed onto the stack with push wtf. However, int 0x10 outputs null and still moves the cursor. The expected output would be 'h'... What is going on here?

astralorchid
  • 9
  • 1
  • It is really unclear what you are doing here. This smells like an [XY problem](https://en.wikipedia.org/wiki/XY_problem). What is it you are really trying to achieve> – Michael Petch Nov 30 '20 at 12:05
  • @MichaelPetch i'm trying to access a reference to intialized data (wtf db). The reference exists, but the data is null at runtime. – astralorchid Nov 30 '20 at 15:37
  • There isn't enough information here to identify a culprit. If 0x1000:0x004e is that actual location of `wtf` then the code in the second snippet should work and print `h`. The fact that it prints something else indicated either that memory address isn't where `wtf` is located or possibly whatever code you jumped to in segment 0 is not where you expected to go. For example from this code I can't tell if `mov ax, word [ds:0x1000]` actually moves the correct return address to the stack to initiate the far return (effectively turns things into a FAR JMP) – Michael Petch Nov 30 '20 at 16:41
  • Not related to your problem. You seem to be trying jump to code in another segment and passing the FAR address of a string on the stack. If you had pushed ax and ds in reverse order (`push ds` `push ax` instead of `push ax` `push ds`) you could have later on (after the `retf`) loaded the FAR address from the stack into DS:BX with something like `mov bp, sp` `lds bx, [bp]` and then done `mov ah, 0x0e` `mov al, byte [bx]` `int 0x10` – Michael Petch Nov 30 '20 at 16:42

0 Answers0