
BAARD in Windows

Raymond Chen's story about how hard Microsoft tries to keep new versions of Windows compatible with other people's programs drew a mixed reaction.

The reverse case is also known: Microsoft deliberately sought to make Windows incompatible with “unreliable” clones of MS-DOS. From the September 1993 issue of Dr. Dobb's Journal:

Windows AARD Detection Code


If you participated in the beta test of Windows 3.1, and DR-DOS was on your computer, then you probably encountered this unusual error message:
 Non-Fatal error detected: error # 2726
 Please contact Windows 3.1 beta support
 Press ENTER to exit or C to continue

Although this is a “non-fatal error” and pressing C continues starting Windows, the “default” action is to cancel the launch.
This is already suspicious: if the error is non-fatal and Windows is able to work despite it, why bother reporting it to the user at all?
This message was issued by the programs WIN.COM, SETUP.EXE, HIMEM.SYS, SMARTDRV.EXE and MSD.EXE in several pre-release editions of Windows 3.1.
The final version of Windows 3.1 still contains the code that displays this message. This code is “off”, but changing one byte in WIN.COM is enough to “enable” it.

The most interesting thing about this message is that it is displayed on all versions of DR-DOS, including the beta version of Novell DOS 7, but is not displayed on either MS-DOS or PC-DOS. What does this message say?

Maybe this is an accident?

Microsoft competitors often whine about the fact that the “evil empire” intentionally disrupts the work of their programs. In fact, Microsoft usually makes unprecedented efforts to support backward compatibility, even when faced with errors in competitors' programs.

To anyone who claims that Microsoft "does not allow" Windows to work on DR-DOS, I can point out a fact: Advanced Windows 3.1 mode works fine on DR-DOS. Yes, Standard mode does not work, but Novell has confirmed that this is because of a bug in DR-DOS.

One could assume that the strange error message is displayed because of another bug in Novell DOS. It would not be the first time that bugs in N's programs are passed off as “intentional incompatibility” on the part of M.

Debug protection

The first step in finding the cause of the message is analyzing the WIN.COM code. We immediately run into an obstacle course: the corresponding fragment of WIN.COM is XOR-encrypted, self-modifying, deliberately obfuscated, and on top of that stuffed with tricks to prevent single-stepping: for example, it points the INT 1, 2 and 3 debug interrupt vectors at non-existent addresses. This has no effect on modern debuggers (I used Soft-ICE from Nu-Mega), but the very attempts to obstruct the analysis already show that something is not right.

Although the main part of the code is encrypted, a Microsoft copyright string remained unencrypted, along with the two strings “AARD” and “RSAA”, possibly the initials of the programmer.

(The author guessed: AARD is the initials of Aaron Reynolds, who implemented this "protection".)

A string of checks

In essence, the encrypted code checks whether the operating system is genuine MS-DOS or PC-DOS. (Even though this code is part of Windows, a product independent of MS-DOS!) Various aspects of undocumented functions and internal DOS structures are checked. For example, the AARD code checks some pointers in SysVars to ensure that they are initialized. Interestingly, although the SysVars structure is implemented in any quality DOS clone, DR-DOS 5/6 does not pass the test inside HIMEM.SYS: this driver loads before the initialization of the internal DR-DOS structures completes.

More complicated tests follow. First, the code checks whether the network redirector is running. If it is, AARD checks whether the table of lowercase and capital letters of the current codepage is located in the same segment. If the redirector is not running, AARD makes sure that the first file control block (FCB) is at offset 0.

All versions of MS-DOS pass these tests, but not a single version of DR-DOS does.

Stern guard

What does linguistic information have to do with the network redirector? What difference does it make to Windows which segment the capitalization table is located in, or at what offset the FCB is? What kind of "errors" are these?

In fact, the capitalization segment is not used anywhere in Windows: the AARD code has nothing to do with the work of those five unrelated programs. It would be understandable if Windows analyzed the internal structures of DOS and determined its version in order to check whether certain functions are implemented. But neither WIN.COM nor the other programs with the AARD code use the result of the checks in any way: the only thing they do is confuse the users of “foreign” versions of DOS with a meaningless error message.

This is definitely similar to "intentional incompatibility." If the “error” is non-fatal, and Windows continues to work normally, then what is the error? That the user chose the wrong version of DOS?

I tried changing the pointers to the letter table and to the FCB in MS-DOS so that they pointed to the same data but through a different (segment:offset) pair. Windows and all my programs continued to work as if nothing had happened; the only change was that I now began to receive the AARD message at startup.
It turns out that AARD is a test for absolute, complete MS-DOS compatibility.

I reported the finding to Microsoft, and received a response from a high-ranking employee: “We don’t care about DR-DOS ... They [Novell] say they are 100% compatible, but DR-DOS is full of bugs. If DR-DOS users have problems with Windows, let Novell understand.”
But apparently they do care about DR-DOS, since they implemented such a sophisticated check and obfuscated it so thoroughly.

Microsoft is not new to using undocumented interfaces for communication between its products. For example, DOS clones, including DR-DOS, have to impersonate old versions of MS-DOS, such as MS-DOS 3.31, so that Windows runs on them in Advanced mode. This is because the DOSMGR driver in WIN386.EXE uses an undocumented protocol for communication with MS-DOS 5/6, which has not yet been deciphered by other companies. If the clones posed as modern versions of DOS, Windows would try to talk to them using a protocol they do not support.
But the transition from undocumented interfaces to deliberately obfuscated and encrypted ones is a hitherto unseen technique of competition.
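
The pointer experiment described in the excerpt above, as an added C model that is not code from WIN.COM or from the original article: it shows why re-expressing a pointer with a different segment:offset pair leaves the data where it was yet fails a check that looks only at the pointer's representation. The struct, field and function names are hypothetical, the addresses are constructed, and the reference segment for the case table is an assumption because the excerpt does not name it.

```c
#include <stdint.h>
#include <stdio.h>

/* Real-mode far pointer. All names are hypothetical, not taken from WIN.COM. */
struct farptr { uint16_t seg, off; };

/* Constructed snapshot of the DOS internals the excerpt says AARD inspects. */
struct dos_state {
    int redirector_running;
    uint16_t ref_seg;          /* segment the case table is compared with (assumption) */
    struct farptr case_table;  /* upper/lower-case table of the current code page */
    struct farptr first_fcb;   /* first file control block */
};

/* 8086 address translation: many seg:off pairs name the same byte. */
static uint32_t linear(struct farptr p) { return ((uint32_t)p.seg << 4) + p.off; }

/* Re-express p relative to new_seg without moving the data.
   Caller must pick new_seg so the offset fits in 16 bits. */
static struct farptr alias(struct farptr p, uint16_t new_seg) {
    struct farptr q = { new_seg, (uint16_t)(linear(p) - ((uint32_t)new_seg << 4)) };
    return q;
}

/* Branch structure as described in the excerpt: each test compares the
   pointer's segment or offset, never the data it points to. */
static int aard_style_check(const struct dos_state *s) {
    if (s->redirector_running)
        return s->case_table.seg == s->ref_seg;
    return s->first_fcb.off == 0;
}

int main(void) {
    struct dos_state s = { 0, 0x0116, { 0x0116, 0x0A00 }, { 0x0250, 0x0000 } };
    struct dos_state t = s;
    t.first_fcb = alias(s.first_fcb, 0x024F);   /* same byte, now 024F:0010 */
    printf("original: pass=%d linear=%05lX\n", aard_style_check(&s),
           (unsigned long)linear(s.first_fcb));
    printf("aliased : pass=%d linear=%05lX\n", aard_style_check(&t),
           (unsigned long)linear(t.first_fcb));
    return 0;
}
```

Both lines print the same linear address, but only the first layout passes: the check distinguishes memory layouts that no program reading through the pointer could tell apart.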



The reply from the author of the AARD code, signed off by the fathers of Windows, Bill Gates and Brad Silverberg, is very murky and watery. In short, the Windows developers did discover a number of problems with DOS clones during testing, and decided not to spend extra effort on detecting and working around every incompatibility, but simply to issue a message when Windows is run on something other than MS-DOS: “your operating system is not supported; continue at your own peril.”

Aaron is outraged even by the suggestion that Microsoft should support Windows on foreign versions of DOS: “It’s not the first year that they have been living offended by our developments; we didn’t have enough to debug their crafts for them.”

For the duration of beta testing, it was decided to make the message more vague and to mention an incomprehensible error, so that the user would not forget to report that the message had appeared on their computer.
It was important for the beta test organizers to know which users were running MS-DOS (and reporting real bugs in Windows), and which were running DOS clones (and perhaps seeing bugs of those clones rather than of Windows).
The code was encrypted so that Novell would not have time to figure it out and release a DR-DOS version that would pass it before the end of the Windows beta test, which would have muddled the results for the test organizers.

After beta testing, but before the release, the project management changed plans, and at the last moment the DOS “authenticity” check was removed altogether. The existing code was left in place just in case: the smaller the change, the less chance of inadvertently breaking something else.



Larry Osterman offers unusual memories from "the other side of the barricades":

I don't know why the AARD code was obfuscated; I think that is nonsense. But I must say that I absolutely agree with the idea of DOS authentication. The Windows developers had decided that all parts of the system belonged to them, including undocumented OS structures. They knew how to find them, they knew their size, and they did not hesitate for a minute to replace these internal structures with their own. Needless to say, from the MS-DOS developer’s point of view, Windows support was a nightmare.

One example: when Windows was loading, it increased the size of the SFT, the internal MS-DOS file table (the same table that is set by the FILES= line in config.sys). It had to be enlarged so that more than 20 files could be open at the same time: imagine a multitasking OS in which it would be impossible to open 20 files. But to do this, the Windows programmers used an undocumented call to get a pointer to the “interesting” MS-DOS structures, added a known offset, and replaced the system SFT with their own.

When I was working on MS-DOS 4.0 and we needed to provide support for Windows, leaving the pointer in the place where Windows expected to find it was easy. The problem was that the MS-DOS 4.0 SFT was two bytes larger than in MS-DOS 3.1. In order for Windows to be able to replace the SFT, I added DOS code to the bootloader that recognizes the launch of WIN.COM, finds in its code a MOV instruction with an operand equal to the size of the old SFT, and replaces this operand directly in memory with the new SFT size.
That's right: we had to patch Windows code on the fly in order for it to continue working.

Now you understand why Windows did not want to run on DOS clones. Besides rummaging in undocumented structures, it actively relied on the peculiarities of specific implementations of system functions: at what moments they can be called and at which they cannot; which ones are reentrant and which ones are not. Imagine what might have happened on an incompletely compatible DOS: from unexplained freezes to data corruption on the disk.

Considering what fine neurosurgery Windows performed in the guts of MS-DOS, it is only natural that it made sure that the patient had not been swapped.

Source: https://habr.com/ru/post/103757/

