So I've used CFF Explorer to add a code section to an .exe file. I've set the section characteristics to 0x60000020 (executable, readable, contains code) and created some dummy code there using IDA.
However, when I injected a jmp to that code from the original .text segment, all I got was an access violation. I used IDA to patch the binary, so it generated offsets for me, but it seems to be right:
jmp far ptr 6:75D100h
The resulting opcode looks right too:
EA 00 D1 75 00 06 00
But as soon as I hit that jump - "The instruction referenced memory at 0xFFFFFFFF, memory can't be read". I've experimented a bit with offsets to no avail; the appended segment seems to be properly loaded in memory.
Would be grateful for any hint to what I am missing here :)
Just to mark this as answered - the solution, as proposed by @Jester and @RossRidge, was to drop the jmp far. Using
jmp near ptr 75D100h
fixed everything. Have to say IDA's behavior can be somewhat weird.
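Added example, not part of the original post: a small Python sketch that decodes the far-jump bytes quoted above to show what the CPU is actually asked to load into CS, and encodes the near form (E9 rel32) that the fix uses. The function names are hypothetical, and the source address 0x401000 is a constructed placeholder, since the post does not give the address of the patched jmp.

```python
import struct

def decode_far_jmp(code: bytes) -> dict:
    """Decode a 32-bit 'EA ptr16:32' far jump: 4-byte offset, then 2-byte selector."""
    if len(code) != 7 or code[0] != 0xEA:
        raise ValueError("not a 7-byte EA far jmp")
    offset, selector = struct.unpack("<IH", code[1:])
    return {
        "offset": offset,
        "selector": selector,
        "index": selector >> 3,                      # descriptor table index
        "table": "LDT" if selector & 4 else "GDT",   # TI bit
        "rpl": selector & 3,                         # requested privilege level
    }

def encode_near_jmp(src: int, target: int) -> bytes:
    """Encode 'E9 rel32'. rel32 is relative to the end of the 5-byte instruction."""
    rel = (target - (src + 5)) & 0xFFFFFFFF          # 32-bit wrap-around
    return b"\xE9" + struct.pack("<I", rel)

def decode_near_jmp(src: int, code: bytes) -> int:
    """Return the absolute target of an 'E9 rel32' placed at address src."""
    if len(code) != 5 or code[0] != 0xE9:
        raise ValueError("not a 5-byte E9 near jmp")
    (rel,) = struct.unpack("<i", code[1:])           # signed displacement
    return (src + 5 + rel) & 0xFFFFFFFF

if __name__ == "__main__":
    far = decode_far_jmp(bytes.fromhex("EA 00 D1 75 00 06 00"))  # bytes from the post
    print("far jmp -> selector %#06x (%s index %d, RPL %d), offset %#x"
          % (far["selector"], far["table"], far["index"], far["rpl"], far["offset"]))

    SRC = 0x401000  # constructed placeholder: address of the patched jmp
    near = encode_near_jmp(SRC, 0x75D100)
    print("near jmp bytes:", near.hex(" "), "->", hex(decode_near_jmp(SRC, near)))
```

The far form makes the CPU reload CS with the literal selector 0x0006 taken from the `6:` prefix, while the near form leaves CS untouched and only needs the relative displacement.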