New in March 2023

The only new page that I actually did finish for March is not truly new. As a digression in a very large page, it did not have the prominence I think it deserves and so I have broken it out as its own page, and added a few thoughts.

It’s about an internal routine whose source code looks like it hasn’t changed in three decades. Windows retains older routines, of course, but I know of nothing else in the Windows kernel that is this old without at least some change to its source code. Through all these years, this routine has executed once each time that Windows has started—so, not often in the early years, but tens of millions of times per day may nowadays be a conservative estimate. If this alone weren’t worth attention, it comes with two lessons.

One is for history, from what the routine’s very peculiar coding fossilises of an incapability at 64-bit arithmetic by early versions of Microsoft’s 32-bit compiler. The other is for the respectability of research into Windows, past, present and future. This is very dear to me and doesn’t get nearly enough consideration as reverse engineering is put into use that I didn’t dare dream of thirty years ago. What does this routine’s very direct transcription into ReactOS say about clean-room reverse engineering, the willingness of people to claim it as what they’ve done, and the susceptibility of others to accept the claims?

All being well, the many unfinished edits and new pages that I started work on in March, February and even January will get returned to in April. An unhappy side-effect is that the live site has broken links. Please bear with me.
