Saving Windows from the OS/2 Bulldozer
In my blog description, I promised to write occasionally about the early Windows days. So here's a post on how David Weise and I got Windows 2.0 into protected mode and blew away the old DOS 640 KB RAM barrier. If this hadn't happened, we'd probably be using some variant of OS/2 today instead of Windows. I wrote this text for Chapter 5 of the book The Personal Computer from the Inside Out, by Richard Shoemaker and myself, published by Addison-Wesley (3rd edition, 1994). Chapter 5 contains a wealth of information on the Intel x86 protected-mode architecture in case you're interested in more details. SST (Scroll Screen Tracer) is referred to below. It's the debugger I wrote that was popular back in the days when people still wrote assembly language. It could even execute backwards!
"Back in the summer of '88, one of us (Murray) was consulting at Microsoft with the mission to write a 286-compatible DOS extender and get Microsoft's CodeView debugger running in protected mode up out of the way of DOS programs running down below in the first megabyte of RAM. To get the ball rolling, Murray built the DOS extender into SST, with the idea that it would be separated out later, something Murray's colleague, Gene Apperson, did, in fact do.
"Aiding the project was SST's ability to load a real-mode .exe in a way that the .exe could run in protected mode. Basically, instead of relocating .exe segment values to the corresponding runtime paragraphs, SST replaced the segment values with selectors pointing to segment-descriptors with appropriate base addresses. In addition to identifying the .exe locations with segment values, the real-mode .exe header includes a far start address whose segment clearly has to be a code segment. Accordingly SST marked the descriptor attribute for that segment to be for code and all others to be for data. Of course, some of these allegedly data segments could be code segments and if you try to execute an instruction in a data segment, a general-protection (GP) exception occurs. So any time a GP exception occurred due to data being executed, SST changed the corresponding descriptor attribute to be for code and iret'd to the faulting instruction. Worked like a champ!
"Well, at a late-June Friday-night party celebrating the opening of Microsoft's big new Canyon-Park manufacturing facility, Murray spied his good friend David Weise, a Windows developer, fellow physicist, and all-round computer whiz. Looking for some fun, Murray teased David that David's new Windows 286 (Windows 2.x with access to the 64-KB HMA) was basically a joke. What one really should do was to get Windows into protected mode and blow away the 640-KB RAM barrier altogether. Much to Murray's surprise, David said, "Yes, let's go do it!" So Murray said, "OK, how about tomorrow?" David said, "No, let's go right now!" And so the two left the party, went over to the Microsoft campus, and used SST to load the Windows 2.x kernel.exe into protected mode. They single stepped along for a while and then, sure enough, GP fault! David fixed the code for that GP fault and single stepped on to the next. Things looked really exciting.
"For several weeks, David worked through the main Windows 2.x dynamic link libraries (DLLs), kernel.exe, gdi.exe, and user.exe, ironing out the GPs, and getting Murray to add features to SST to aid the debugging process. Thanks to Steve Wood's original memory-allocation design, many of the changes involved bypassing real-mode code that served only to emulate the protected mode of the 286. For a whole month following the Friday-evening party, David and Murray told no one what they were doing. The buzzword of the day was "OS/2" and many people at Microsoft (let alone at IBM) might have been really upset to learn that Windows would soon grow out of its baby clothes.
"Meanwhile, as well documented, in the book by Manes and Andrews (1992) and elsewhere, Bill Gates and Steve Ballmer had had it up to their ears with IBM's old-fashioned software development methods and continual specification changes on OS/2. So when David showed Steve how close he was to getting Windows into protected mode, Steve said "Let's go for it," a decision enthusiastically endorsed by Bill in the Windows 3.0 planning meeting three days later.
"There's a whole lot between that early version of protected-mode Windows and the ones described in the following section. But there's no doubt that busting the 640-KB RAM barrier was akin to letting a genie out of the bottle."
For interesting related reading, check out Larry Osterman's post on DavidW.
Comments
Anonymous
December 28, 2006
Of course, when that happened, Microsoft was simotinusly developing Windows/386 and later when they became aware of it, they realized that they will need an interface to cooperate with Windows/386. Thus DPMI was born.Anonymous
December 28, 2006
And the DOS extender changed to support it.Anonymous
December 28, 2006
And so what about the CodeView running in protected mode that the DOS extender work were originally for? That DOS extender later got into CodeView 4.x, Microsoft's Segmented-Executable Linker versions 5.2x and 5.3x, Microsoft C 6.0ax, MASM 6.0x and many other MS development tools.Anonymous
December 28, 2006
BTW, in these products the DOS extender was called DOSX16.Anonymous
December 28, 2006
BTW, Microsoft C 7.0 used a different, 32-bit, DOS extender called DOSX32 that were famous for requiring DPMI to run. It shipped with 386MAX, but soon prompted Quarterdeck to release QDPMI for DPMI support. And the later DOSXNT for Win32 API emulation (used in MASM 6.1(1), 16-bit versions of Visual C++ 1.x, ...) is licensed from Phar Lap, so it is completely different from DOSX16 and DOSX32.Anonymous
January 11, 2007
Btw, Murry; I want to apologize to you for leaving you out of my version of this story (http://blogs.msdn.com/larryosterman/archive/2005/02/02/365635.aspx), Dave gave me the demo and I'd totally forgotten your contribution to the effort.Anonymous
January 11, 2007
Yuhong, thanks for your observations about Windows 386 and DOS extenders. Please note that Windows 386 provided the capability to run multiple DOS applications simultaneously in extended memory. It did not enable Windows to use all of memory. Windows itself was still stuck in one of those DOS windows until Windows 3.0 was released. My post describes the origins of Windows 3.0. Also the way we generalized Windows to use all of memory, it could do so on the 286 as well as on the 386. This was important at the time, since 286 machines were prevelant. Larry, apology accepted. History can get lost in translation :-)Anonymous
January 11, 2007
Hi Murray ! Is Tom S' your Bro ? He Did Forth CAD/68000 on W. Grant rd ... I did SST+ ( great ! ) writing a Forth . Now i am doing Forth on ARM-9 . I lack hardware , i want an ATMEL EVB . I need similar to SST+ , but on ARM-9 . any help is appreciated . Thanks ... zzxx@swissinfo.orgAnonymous
February 06, 2007
I Hi Tom Scott. I have a brother named Tom, but he didn't write any Forth code to my knowledge. I'm not writing any SST+ code these days. The math stuff is too intense :-)Anonymous
April 25, 2007
Thanks, for the SST, that program is many help to me for understund Assembler programming in past. Great works!Anonymous
May 24, 2007
The comment has been removedAnonymous
January 09, 2008
I buy the book 10 years ago (France) with SST include, but today i dont have. It's possible to obtain one copy or adress for download. merçi, gracias.Anonymous
March 15, 2008
Hello, I purchased your book "The Personal Computer from the Inside Out" 3rd ed. It has been awhile since then and I just started reading it lately. I want to get into assembly language but noticed the debugger disk was not included. Is this still available? As a download maybe? Thanks for your time. LCAnonymous
March 28, 2009
The comment has been removedAnonymous
June 06, 2016
great works.......