In order to understand this node, you need to read my writeup in for(int *p=0;;*(p++)=0);
This node is something of a follow-up. The two nodes were separated in order that this node could be independently searched for.

Note that when The Loop linked to above is run on a machine running a Microsoft operating system based on the Windows 9x kernel, it will give you something along the lines of "general protection fault" or "This program has performed an illegal operation and has been shut down". Many windows users take such messages to mean that Windows is an OS with full protected memory. They are mistaken. Windows 9x has a form of memory protection, but it does not have true protected memory.

In a true protected memory system, such as any *n?x system or Windows NT, each program is given its own memory space, and is not able to touch or in any way access anything outside that space. This gives a great deal of security; it also means the entire system is more stable, because it means if a program crashes, only that program crashes-- the others are unaffected. Windows 9x, however, does not have true protected memory even though it does have a form of memory protection because it is still possible for one single program to crash the entire operating system and all other programs. The thing is, there are protected spaces within memory-- but there are also spaces which are not protected at all. The for(int *p=0;;*(p++)=0); loop will be caught by the Win9x pseudoprotected memory, because it begins at address zero, and address zero is one of the addresses Win9x attempts to trap you at.
So, all you have to do is start somewhere else.

void main() {for(int *p=(int *)0x00010000;;*(p++)=0);}

Try running the bit of code above.
Still believe windows has protected memory..?
Above code contributed by Phillip, this guy i know, who saw my original Loop and decided to try to find an address windows left unprotected. His tests on Windows 98 boxen have produced varying results, ranging from the machine simply shutting off to a BSOD followed by the monitor reporting it was no longer receiving signal from the computer. In no case did the computer in question continue to do anything that could remotely be called "function", including response to mouse events.

See also The quickest way to crash Windows NT/2000/XP

From a DOS Prompt under Windows 95:

C:\> debug
-f ffff:0000 ffff ff

Even a DOS program can take out Win95.

(This fills the area FFFF:0000-FFFF with the value FF. I believe this area is used by Windows for task-switching code while in Virtual 8086 Mode.)

Windows 9x (95, 98, and ME) were consumer operating systems. By consumer, I mean that they were built to be sold to the masses. They were not constructed with the same goals as a product such as Windows NT, and thus did not have true protected memory. If Microsoft had a superior product in hand (Windows NT 4.0 came out a few months after 95a did), why continue to build 9x OS's? There are several fairly rational reasons.

People compare Windows 98 to Linux all the time, and that is definitely an apples to gorillas comparison. No one compares Linux to Macintosh (as Linux would surely win). The real bout the UNIX crowd has is against NT. Windows 9x was built for speed, wide hardware acceptance, low requirements, and compatibility with a huge software base (as stated above). Protected memory (while obviously do-able), didn't fit in these requirements. So what if people have to reboot a few times, or a bad program would take down the computer. How different is that from DOS, or from Windows 3.1? Windows 9x was a transition series of OS improvements until we are at the bar we are today... protected memory, good networking, and server capabilities. The PC has come a long way.. let's keep the comparisons on an even plane.

*One noticable difference in compatibility was that undelete was expressly forbidden from running on Windows 9x.

Log in or registerto write something here or to contact authors.