{"id":43343,"date":"2014-12-19T07:00:00","date_gmt":"2014-12-19T07:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/2014\/12\/19\/how-did-protected-mode-16-bit-windows-fix-up-jumps-to-functions-that-got-discarded\/"},"modified":"2014-12-19T07:00:00","modified_gmt":"2014-12-19T07:00:00","slug":"how-did-protected-mode-16-bit-windows-fix-up-jumps-to-functions-that-got-discarded","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20141219-00\/?p=43343","title":{"rendered":"How did protected-mode 16-bit Windows fix up jumps to functions that got discarded?"},"content":{"rendered":"<p>\nCommenter Neil presumes that\n<a HREF=\"http:\/\/blogs.msdn.com\/b\/oldnewthing\/archive\/2012\/06\/22\/10322767.aspx#10323211\">\nWindows 286 and later simply fixed up the movable entry table with\njmp selector:offset instructions once and for all<\/a>.\n<\/p>\n<p>\nIt could have, but it went one step further.\n<\/p>\n<p>\nRecall that the point of the movable entry table is to provide\na fixed location that always refers to a specific function,\nno matter where that function happens to be.\nThis was necessary because real mode has no memory manager.\n<\/p>\n<p>\nBut protected mode does have a memory manager.\nWhy not let the memory manager do the work?\nThat is, after all, its job.\n<\/p>\n<p>\nIn protected-mode 16-bit Windows, the movable entry\ntable was ignored.\nWhen one piece of code needed to reference another piece of code,\nit simply jumped to or called it\nby its selector:offset.\n<\/p>\n<pre>\n    push    ax\n    call    0987:6543\n<\/pre>\n<p>\n(Exercise: Why didn&#8217;t I use\n<code>call 1234:5678<\/code> as the sample address?)\n<\/p>\n<p>The selector was patched directly into the code as part of\nfixups.\n(We saw this\n<a HREF=\"http:\/\/blogs.msdn.com\/b\/oldnewthing\/archive\/2006\/07\/17\/668284.aspx\">\nseveral years ago<\/a>\nin another context.)\n<\/p>\n<p>\nWhen a segment is relocated in memory,\nthere 
is no stack walking to\n<a HREF=\"http:\/\/blogs.msdn.com\/b\/oldnewthing\/archive\/2012\/06\/29\/10325295.aspx\">\npatch up return addresses<\/a>\nto point to thunks,\nand no\n<a HREF=\"http:\/\/blogs.msdn.com\/b\/oldnewthing\/archive\/2012\/06\/22\/10322767.aspx\">\nediting of the movable entry points<\/a>\nto point to the\nnew location.\nAll that happens is that the base address in the\ndescriptor table entry for the selector is updated to\npoint to the new linear address of the segment.\nAnd when a segment is discarded,\nthe descriptor table entry is marked <i>not present<\/i>,\nso that any future reference to it will raise a\n<i>selector not present<\/i> exception,\nwhich the kernel handles by reloading the selector.\n<\/p>\n<p>\nThings are a lot easier when you have a memory manager around.\nA lot of the head-exploding engineering in real-mode Windows was in\nall the work of\nsimulating a memory manager on a CPU that didn&#8217;t have one!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Commenter Neil presumes that Windows 286 and later simply fixed up the movable entry table with jmp selector:offset instructions once and for all. It could have, but it went one step further. Recall that the point of the movable entry table is to provide a fixed location that always refers to a specific function, no [&hellip;]<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[2],"class_list":["post-43343","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-history"],"acf":[],"blog_post_summary":"<p>Commenter Neil presumes that Windows 286 and later simply fixed up the movable entry table with jmp selector:offset instructions once and for all. It could have, but it went one step further. 
Recall that the point of the movable entry table is to provide a fixed location that always refers to a specific function, no [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/43343","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=43343"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/43343\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=43343"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=43343"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=43343"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}