Jump to content

High memory area

From Wikipedia, the free encyclopedia
Not to be confused withHigh memory.

The high memory area is highlighted.

InDOS memory management,thehigh memory area(HMA) is theRAMarea consisting of the first 65520bytesabove the one megabyte in anIBMATor compatible computer.

Inreal mode,thesegmentation architectureof theIntel8086and subsequent processors identifies memory locations with a 16-bit segment and a 16-bit offset, which is resolved into a physical address via (segment) × 16 + (offset). Although intended to address only 1Megabyte(MB) (220bytes) of memory, segment:offset addresses atFFFF:0010and beyond reference memory beyond 1 MB (FFFF0 + 0010 = 100000). So, on an80286and subsequent processors, this mode can actually address the first 65520 bytes of extended memory as part of the 64 KB range starting 16 bytes before the 1 MB mark—FFFF:0000 (0xFFFF0)toFFFF:FFFF (0x10FFEF).The Intel8086and8088processors, with only 1 MB of memory and only 20address lines,wrapped around at the 20th bit, so that addressFFFF:0010was equivalent to0000:0000.[1]

To allow running existing DOS programs which relied on this feature to accesslow memoryon their newer IBMPC ATcomputers, IBM added specialcircuitryon themotherboardto simulate the wrapping around. This circuit was a simplelogic gatewhich could disconnect the microprocessor's 21st addressing line,A20,from the rest of the motherboard. This gate could be controlled, initially through thekeyboard controller,to allow running programs which wanted to access the entire RAM.[1]

So-calledA20 handlerscould control the addressing mode dynamically,[1]thereby allowing programs to load themselves into the 1024–1088 KB region and run in real mode.[1]

Code suitable to be executed in the HMA must either be coded to beposition-independent(using only relative references),[2][1]be compiled to work at the specific addresses in the HMA (typically allowing only one or at most two pieces of code to share the HMA), or it must be designed to beparagraph boundaryor evenoffset relocatable(with all addresses being fixed up during load).[2][1]

Before code (or data) in the HMA can be addressed by the CPU, the corresponding driver must ensure that the HMA is mapped in. This requires that any such requests are tunneled through astubremaining in memory outside the HMA, which would invoke the A20 handler in order to (temporarily) enable theA20 gate.[2][1]If the driver does not exhibit any public data structures and only uses interrupts or calls already controlled by the underlying operating system, it might be possible to register the driver with the system in a way so that the system will take care of A20 itself thereby eliminating the need for a separate stub.[1][nb 1]

The first user of the HMA amongMicrosoftproducts wasWindows/2862.1 in 1988, which introduced theHIMEM.SYSdevice driver. Starting in 1990 withDigital Research'sDR DOS 5.0[3](viaHIDOS.SYS /BDOS=FFFF[4]andCONFIG.SYSHIDOS=ON) and since 1991 withMS-DOS 5.0[3](viaDOS=HIGH), parts of the operating system'sBIOSand kernel could be loaded into the HMA as well,[3][5]freeing up to 46 KB ofconventional memory.[1]Other components, such as device drivers andterminate-and-stay-resident programs(TSRs), could at least be loaded into theupper memory area(UMA), but not into the HMA. Under DOS 5.0 and higher, withDOS=HIGH,the system additionally attempted to move the disk buffers into the HMA.[5]UnderDR DOS 6.0(1991) and higher, the disk buffers (viaHIBUFFERS,and later alsoBUFFERSHIGH), parts of the command processorCOMMAND.COMas well as several specialself-relocatingdrivers likeKEYB,NLSFUNCandSHAREcould load into the HMA as well (using their/MHoption), thereby freeing up even more conventional memory and upper memory for conventional DOS software to work with.[1]TASKMAXseems to have relocated parts of itself into the HMA as well.[6][7]Novell'sNLCACHEfromNetWare Liteand early versions ofNWCACHEfromPersonal NetWareandNovell DOS 7could utilize the HMA as well.[8][9][7]Under MS-DOS/PC DOS, a ca. 2 KB shared portion of COMMAND.COM can be relocated into the HMA,[10]as well asDISPLAY.SYSbitmaps for preparedcodepages.[10][11]UnderMS-DOS 6.2(1993) and higher, a ca. 5 KB portion ofDBLSPACE.BIN/DRVSPACE.BINcan coexist with DOS in the HMA (unlessDBLSPACE/DRVSPACE/NOHMAis invoked).[5][12]UnderPC DOS 7.0(1995) and2000,DOSKEYloads into the HMA (if available),[13]and SHARE can be loaded into the HMA as well (unless its/NOHMAoption is given).[13]UnderMS-DOS 7.0(1995) to8.0(2000), parts of the HMA are also used as a scratchpad to hold a growing data structure recording various properties of the loaded real-mode drivers.[7][14][15]

See also

[edit]

Notes

[edit]
  1. ^A stub is not necessary for the resident system extensionsSHAREandNLSFUNCunderDR DOS 6.0and higher, because they only hook the multiplex interrupt INT 2Fh and can therefore utilize a backdoor interface to hook into the interrupt chain inkernel spaceso that the kernel's gateA20 handlerwill provide the functionality of the stub.

References

[edit]
  1. ^abcdefghijPaul, Matthias R. (2002-02-02)."Treiber dynamisch nachladen (Intra-Segment-Offset-Relokation zum Laden von TSRs in die HMA)"[Loading drivers dynamically (Intra-segment offset relocation to load TSRs into the HMA)] (in German).Newsgroup:de.comp.os.msdos.Archivedfrom the original on 2017-09-09.Retrieved2017-07-02.(NB. Gives a comprehensive overview on the history and "nature" of the HMA and the non-obvious design constraints to be observed when developing resident system extensions to be loaded into the HMA. It also describes how to address these issues usingstubs,backdoors, and intra-segment offset relocation, a method used byDR-DOSdrivers capable of relocating into the HMA and similar to a (more sophisticated) method used as the basis for thedynamic dead code eliminationin the author's FreeKEYB driver.)
  2. ^abcIngenoso, Tony (1998-12-20). "Chapter 13 - The A20 gate and the HMA".Making Code Work Better - How to minimize the size of 80x86 code and sometimes make it faster(e-book).Archivedfrom the original on 2019-11-18.Retrieved2019-11-18.
  3. ^abcDryfoos, Mike, ed. (1991-09-18) [1991-07-19]."MS-DOS 5.0 Development Post-Mortem Report"(PDF)(mail as court document).Microsoft.p. 10. MS-PCA1179169 (MS-PCA1179159-MS-PCA1179191). MS7020988 (MS7020978-MS7021010). Depo. Ex. 1109.Comes v MicrosoftPlaintiff's Exhibit 3473. CA.No.2:96CV645B Plaintiff's Exhibit 477.Archived(PDF)from the original on 2019-04-02.Retrieved2019-07-22.[…] One of the most important stimulanta for adding features was competitive pressure fromDRDOS 5.0,which we first learnt of in the spring of 1990. The DRDOS feature set led us to addUMBsupport, task swapping, and Undelete. […] Considerable amounts of the team's management attention was diverted to new features such as file transfer software, undelete and network installation […] Eventually this situation reached a crisis point at the end of July 1990, and, led byBradS,the team's management spent an arduous series of meetings nailing down a schedule and process for closing the project down […](1+32 pages)
  4. ^Banta, K.; Partridge, D. (1994-08-18)."Third Party Memory Managers".DR DOS 6.0(Technical information document). Revision A.Novell.TID800074 (replaces FYI-M-1303).Archivedfrom the original on 2021-12-15.Retrieved2021-12-15.
  5. ^abcSchulman, Andrew;Brown, Ralf D.;Maxey, David; Michels, Raymond J.; Kyle, Jim (1994) [November 1993]. Williams, Andrew (ed.).Undocumented DOS: A programmer's guide to reserved MS-DOS functions and data structures - expanded to include MS-DOS 6, Novell DOS and Windows 3.1.The Andrew Schulman Programming Series (1st printing, 2nd ed.). Reading, Massachusetts, USA:Addison Wesley Publishing Company.pp. 42, 349–350, 437–438.ISBN0-201-63287-X.ISBN978-0-201-63287-3.(xviii+856+vi pages, 3.5 "-floppy[1]) Errata:[2][3]
  6. ^"Format of HMA Memory Block (DR DOS 6.0 kernel loaded in HMA)".RBIL.2000.Archivedfrom the original on 2020-02-18.Retrieved2020-02-18.
  7. ^abcPaul, Matthias R. (2002-04-10)."[fd-dev] HMA access from TSR".freedos-dev.Archivedfrom the original on 2017-09-09.Retrieved2017-09-09.[…]MS-DOS 7.0+ adds INT 21h/AX=4A03h and INT 21h/AX=4A04h.RBIL61 INT 21h/AH=52h has some info on the MS-DOS 7.0+ HMA MCB chain […] HMA relocation for TSRs makes much sense forDR-DOS:Although you can load large parts of theBIOSandBDOS,the resident part of the shell, theBUFFERS,and DR-DOS TSRs likeSHARE,KEYB,andNLSFUNC(and in some issues parts of TASKMGR andNWCACHE) into the HMA, there is usually still free space available, typically around 10 Kb (up to ca. 20 Kb when you use a 3rd party shell). It also makes sense forMS-DOS 5.0-6.22andPC DOSup to2000,which typically leave 4 - 7 Kb of the HMA memory unused (SHARE, KEYB, and NLSFUNC cannot load into the HMA, butDBLSPACEandHIMEMcan to some extent). Available HMA space can be rather tight withMS-DOS 7.0+, since this issue introduced a new and for the most part undocumented RMD data structure usually located in the HMA. The kernel collects and records configuration and Real Mode Driver data during boot (type of driver, interrupts hooked by driver,CONFIG.SYSline of invocation, etc.) and stores this information in an […] complicated […] and […] growing data structure. Presumably this info is meant to be used by the Windows core to get a better picture of the loaded Real Mode drivers instead of treating DOS as a monolithic block, or even […] attempt to unhook or unload some of them, however, it is only used to a very limited extent (for example you can see some of the info reflected in the log files created on Windows 9x startup, and some parts of the Windows configuration manager also make use of it), leaving room for speculation much beyond the technical side - in particular because nothing of the interesting stuff is documented… […]
  8. ^Paul, Matthias R. (1997-07-30) [1994-05-01]. "II.4. Undokumentierte Eigenschaften externer Kommandos".NWDOS-TIPs — Tips & Tricks rund um Novell DOS 7, mit Blick auf undokumentierte Details, Bugs und Workarounds.MPDOSTIP (in German) (3 ed.).Archivedfrom the original on 2016-11-05.Retrieved2012-01-11.(NB.NWDOSTIP.TXTis a comprehensive work onNovell DOS 7andOpenDOS 7.01,including the description of many undocumented features and internals. It is part of the author's yet largerMPDOSTIP.ZIPcollection maintained up to 2001 and distributed on many sites at the time. The provided link points to a HTML-converted older version of the file.)[4]
  9. ^Paul, Matthias R. (2001-04-09). "II.4. Undokumentierte Eigenschaften externer Kommandos".NWDOS-TIPs — Tips & Tricks rund um Novell DOS 7, mit Blick auf undokumentierte Details, Bugs und Workarounds.MPDOSTIP (in German) (3 ed.).
  10. ^abChappell, Geoff (January 1994). Schulman, Andrew; Pedersen, Amorette (eds.).DOS Internals.The Andrew Schulman Programming Series (1st printing, 1st ed.).Addison Wesley Publishing Company.pp. 4, 21, 100–106, 127–129.ISBN978-0-201-60835-9.ISBN0-201-60835-9.(xxvi+738+iv pages, 3.5 "-floppy[5][6]) Errata:[7][8][9]
  11. ^Paul, Matthias R. (2002-12-04)."[fd-dev] DISPLAY CON?".freedos-dev.Archivedfrom the original on 2021-12-08.[…] some issues of DISPLAY.SYS (ofPC DOS 7/2000,for example) store the currently unused fonts inXMS memory.Some earlier issues of MS-DOS/PC DOSDISPLAY.SYSseem to have had a facility to store them in the HMA […]
  12. ^Cooper, Jim (2002).Using MS-DOS 6.22(special 3rd ed.).Que Publishing.p. 669.ISBN0-78972573-8.ISBN978-0-78972573-8.Archivedfrom the original on 2020-02-18.Retrieved2020-02-18.
  13. ^abBrooks, Vernon C. (2014)."This is a detailed list of the changes I made in PC DOS 7.0".PC DOS Retro.Archivedfrom the original on 2020-02-18.Retrieved2020-02-18.[…]DOSKEY.COM[…] Move code to HMA if available. […]SHARE.EXE[…] Move code to HMA if available and added /NOHMA option force loading low. […]
  14. ^Sweger, Kristofer (2007) [2002-07-15]."ANSIPLUS and Windows".Archivedfrom the original on 2021-11-28.Retrieved2021-11-28.[…] ANSIPLUS's code cannot be loaded to the HMA underMS-DOS 7(Windows 9x only) because there apparently is not enough unused HMA memory available. […]
  15. ^Paul, Matthias R. (2002-08-13)."Suche freien Speicherbereich unterhalb von 1 MB, der nicht von OS überschrieben wird"(in German).Newsgroup:de.comp.lang.assembler.x86.Archivedfrom the original on 2017-09-04.Retrieved2017-09-03.
  16. ^Paul, Matthias R. (1997-10-02) [1997-09-29]."Caldera OpenDOS 7.01/7.02 Update Alpha 3 IBMBIO.COM - README.TXT and BOOT.TXT - A short description of how OpenDOS is booted".Archived fromthe originalon 2003-10-04.Retrieved2009-03-29.[10]

Further reading

[edit]
  • Necasek, Michal (2011-09-13)."Who needs the address wraparound, anyway?".OS/2 Museum.Archivedfrom the original on 2020-02-19.Retrieved2020-02-19.[…]86-DOS,and hencePC DOS/MS-DOS,used a clever trick. The byte at offset 5 of thePSPcontained a far call opcode (9Ah); the word at offset 6 of the PSP contained the appropriate value to indicate program segment size, and also the offset part of the far call. The word at offset 8, which served as the segment part of the far call, was crafted such that when combined with the offset, it would wrap around (a well understood feature of the8086CPU) and point to address 0:C0h, which contains interrupt vector 30h. […] theCALL 5interface works even in DOS emulation under Windows NT and OS/2, and those systems most certainly cannot run with theA20 linedisabled. How does that work then? […] Rather than chopping off address bits, the system mirrors the five bytes at 0:C0h at 1000C0h. The same technique had been in fact used in DOS 5 and above running withDOS=HIGH.In that case, DOS makes sure that linear address 1000C0h contains the appropriate far call. […]
  • Kozierok, Charles M. (2001-04-17) [1997]."High Memory Area (HMA)".The PC Guide.2.2.0. Archived fromthe originalon 2006-10-16.Retrieved2006-10-15.
  • Paul, Matthias R. (2002-04-11)."Re: [fd-dev] ANNOUNCE: CuteMouse 2.0 alpha 1".freedos-dev.Archivedfrom the original on 2020-02-21.Retrieved2020-02-21.[…] in case of suchmangled pointers[…] many years ago Axel and I were thinking about a way how to use *one* entry point into a driver for multiple interrupt vectors (as this would save us a lot of space for the multiple entry points and the more or less identical startup/exit framing code in all of them), and then switch to the different interrupt handlers internally. For example: 1234h:0000h […] 1233h:0010h […] 1232h:0020h […] 1231h:0030h […] 1230h:0040h […] all point to exactly the same entry point. If you hook INT 21h onto 1234h:0000h and INT 2Fh onto 1233h:0010h, and so on, they would all go through the same "loophole", but you would still be able to distinguish between them and branch into the different handlers internally. Think of a "compressed" entry point into aA20stub for HMA loading. This works as long as no program starts doing segment:offset magics. […] Contrast this with the opposite approach to have multiple entry points (maybe even supportingIBM'sInterrupt Sharing Protocol), which consumes much more memory if you hook many interrupts. […] We came to the result that this would most probably not be save in practise because you never know if other drivers normalize or denormalize pointers, for what reasons ever. […]
Retrieved from "https://en.wikipedia.org/w/index.php?title=High_memory_area&oldid=1226612829"