Real-Mode Memory Management

by Yariv Kaplan

Following reset, Intel processors start executing code in the real-mode operating environment. Since real-mode is fully compatible with the 8086 architecture, it enables execution of MS-DOS applications on newer processors such as the Pentium and Pentium Pro. Unfortunately, along with the numerous benefits of real-mode, there is also one major drawback to this mechanism. That is, a processor running in real-mode can exploit only the lowest 20 bits of its address bus and is therefore limited to the meagre 1MB memory space of the 8086. IBM's decision to reserve the upper 384KB of the PC for ISA add-on cards (and the BIOS), made things even worst since it left real-mode applications (including MS-DOS itself) with barely 640KB of RAM to work with.

As you already know, a processor requires a minimum of 20 address lines to have the ability to access 1MB of memory. When Intel engineers designed the 8086, it was impracticle to implement a 20 bit address register to hold the generated addresses. So instead, Intel decided to divide address space into 64KB segments and coordinate memory access through the use of two 16 bit values - a Segment and an Offset.


Figure 1 - Real-mode memory translation process

Four dedicated Segment Registers were created in order to hold the segment portion of the processor generated addresses. Each of these registers was designated to serve as a base pointer to a unique segment in the processor physical address space.

Segment Register Designated Role
CS
Code Segment Register
This register points to the currently active code segment. Used in conjunction with the IP register to point to the next instruction to be fetched and executed by the processor.
DS
Data Segment Register
This register usually points to the default data segment which contains the global and static variables of the active application.
ES
Extra Segment Register
General purpose segment register used mostly for data transfers between different segments.
SS
Stack Segment Register
This register points to the segment containing the active stack. The top of stack is located at address SS:SP.
FS
GS
General Purpose Segment Registers
First introduced on the 80386, these segment registers can be used for any purpose in your application code.
Table 1 - Segment registers on the 80x86 processors

The value set into a segment register identifies a specific 64KB region of memory, whereas the offset part points to an exact location within that region. To calculate a physical address, the processor shifts the content of the segment register four bits to the left (thus multiplying its value by 16) and adds the offset.


Figure 2 - Physical memory calculation in real-mode

The notation adopted by Intel for address representation in real-mode is segment:offset. For an example consider address A359:B3FD which is located at segment A359h and has an offset which equals B3FDh. This notation was chosen since it serves the need to pinpoint an exact location within the physical address space of the processor while allowing the programmer to examine the internal composition of the address value.

Interesting to note is the fact that although segments are 64KB in size, they are spaced 16 bytes apart in memory. This should make perfect sense to you if you understand the procedure taken by the processor when it calculates physical addresses in real-mode. Since the content of a segment register forms the 16 high-order bits of a physical address, it is always divisible by 16 and has its lowest four bits set to zero.

This concept is clearly depicted in the following figure:


Figure 3 - Consecutive segments

Note that there is an area of overlap between segments in real-mode, so each physical address is accessible using many different combinations of segment and offset values. For instance, if we load one of the segment registers with 1234h and use an offset which equals 5h, we can read the content of physical address 12345h.

Mov BX, 1234h
Mov ES, BX
Mov BX, 5h
Mov AL, [ES:BX]

In this case, the processor will shift 1234h four bits to the left (12340h) and add the offset 5h. Alternatively, we could load ES with 1233h and use an offset which equals 15h to get a pointer which corresponds to the same physical memory location.

For years, the world of personal computing was dominated by real-mode MS-DOS. The arrival of the Windows operating system which dispensed with real-mode in favor of the much advanced protected-mode, marked a new era in the computing industry. In the next chapter we will begin our exploration of the protected-mode architecture, concentrating mainly on the complex and often byzantine issue of memory management.


Copyright © 1997, 1998 Yariv Kaplan
yariv@internals.com