Terminate-and-stay-resident program

Last updated December 15, 2024

A terminate-and-stay-resident program (commonly TSR) is a computer program running under DOS that uses a system call to return control to DOS as though it has finished, but remains in computer memory so it can be reactivated later.^[1] This technique partially overcame DOS's limitation of executing only one program, or task, at a time. TSRs are used only in DOS, not in Windows.

Some TSRs are utility software that a computer user might call up several times a day, while working in another program, by using a hotkey. Borland Sidekick was an early and popular example of this type. Others serve as device drivers for hardware that the operating system does not directly support.

Use

Normally DOS can run only one program at a time. When a program finishes, it returns control to DOS using the system call INT 21h/4Ch of the DOS API.^[2] The memory and system resources used are then marked as unused. This makes it impossible to restart parts of the program without having to reload it all. However, if a program ends with the system call INT 27h or INT 21h/31h, the operating system does not reuse a certain specified part of its memory.

The original call, INT 27h, is called "terminate but stay resident", hence the name "TSR". Using this call, a program can make up to 64 KB of its memory resident. MS-DOS version 2.0 introduced an improved call, INT 21h/31h ('Keep Process'), which removed this limitation and let the program return an exit code. Before making this call, the program can install one or several interrupt handlers pointing into itself, so that it can be called again. Installing a hardware interrupt vector allows such a program to react to hardware events. Installing a software interrupt vector allows it to be called by the currently running program. Installing a timer interrupt handler allows a TSR to run periodically (using a programmable interval timer).

The typical method of using an interrupt vector involves reading its present value (the address), storing it within the memory space of the TSR, and replacing it with an address in its own code. The stored address is called from the TSR, in effect forming a singly linked list of interrupt handlers, also called interrupt service routines, or ISRs. This procedure of installing ISRs is called chaining or hooking an interrupt or an interrupt vector.

TSRs can be loaded at any time; either during the DOS startup sequence (for example, from AUTOEXEC.BAT), or at the user's request (for example, Borland's Sidekick and Turbo Debugger, Quicken's QuickPay, or FunStuff Software's Personal Calendar). Parts of DOS itself use this technique, especially in DOS versions 5.0 and later. For example, the DOSKEY command-line editor and various other utilities are installed by running them at the command line (manually, or from AUTOEXEC.BAT or through INSTALL from within CONFIG.SYS) rather than loading them as device drivers through DEVICE statements in CONFIG.SYS.

Some TSRs have no way to unload themselves, so they will remain in memory until a reboot. However unloading is possible externally, using utilities like the MARK.EXE/RELEASE.EXE combo by TurboPower Software or soft reboot TSRs which will catch a specific key combination and release all TSRs loaded after them. As the chain of ISRs is singly linked, and a TSR may store the link to its predecessor anywhere it chooses, there is no general way for a TSR to remove itself from the chain. So usually a stub must be left in memory when unloading a TSR, causing memory fragmentation. This problem gave rise to TSR cooperation frameworks such as TesSeRact and AMIS.^[3]

Interrupt sharing

To manage problems with many TSRs sharing the same interrupt, a method called Alternate Multiplex Interrupt Specification (AMIS) was proposed by Ralf D. Brown as an improvement over previously used services offered via INT 2Fh. AMIS provides ways to share software interrupts in a controlled manner. It is modeled after IBM's Interrupt Sharing Protocol, originally invented for sharing hardware interrupts of an x86 processor. AMIS services are available via Int 2Dh.^[4]

The proposal never gained a widespread traction among programmers in its days. It existed alongside several other competing specifications of varying sophistication.^[5]

Faults

While very useful, or even essential to overcome DOS's limitations, TSRs have a reputation as troublemakers. Many hijack the operating system in varying documented or undocumented ways, often causing systems to crash on their activation or deactivation when used with particular applications or other TSRs.

By chaining the interrupt vectors TSRs can take complete control of the computer. A TSR can have one of two behaviors:

Take complete control of an interrupt by not calling other TSRs that had previously altered the same interrupt vector.
Cascade with other TSRs by calling the old interrupt vector. This can be done before or after they executed their actual code. This way TSRs can form a chain where each calls the next.

The terminate-and-stay-resident method is used by most DOS viruses and other malware, which can either take control of the PC or stay in the background. This malware can react to disk I/O or execution events by infecting executable (.EXE or .COM) files when it is run and data files when they are opened.

Additionally, in DOS all programs must be loaded into the first 640 KB of RAM (the conventional memory), even on computers with large amounts of physical RAM. TSRs are no exception, and take chunks from that 640 KB that are thus unavailable to other applications. This meant that writing a TSR was a challenge of achieving the smallest possible size for it, and checking it for compatibility with a lot of software products from different vendors—often a very frustrating task.

In the late 1980s and early 1990s, many video games on the PC platform pushed up against this limit and left less and less space for TSRs—even essential ones like CD-ROM drivers—and arranging things so that there was enough free RAM to run the games, while keeping the necessary TSRs present, became very complicated. Many gamers had several boot disks with different configurations for different games. In later versions of MS-DOS, "boot menu" scripts allowed various configurations to be selectable via a single menu entry. In the mid- to later 1990s, while many games were still written for DOS, the 640 KB limit was eventually overcome by putting parts of the game's data above the first 1 MB of memory and using the code below 640 KB to access the extended memory using expanded memory (EMS) by making use of overlay technique. An alternative later approach was to switch the CPU into Protected Mode by using DOS extenders and run the program in protected mode. The latter allowed to have code and data in the extended memory area.^{[ citation needed ]}

Because programming with many overlays is a challenge in and of itself, once the program was too big to fit entirely into about 512 KB, use of extended memory was almost always done using a third-party DOS extender implementing VCPI or DPMI, because it becomes much easier and faster to access memory above the 1 MB boundary, and possible to run code in that area, when the x86 processor is switched from real mode to protected mode. However, since DOS and most DOS programs run in real mode (VCPI or DPMI makes a protected-mode program look like a real-mode program to DOS and the rest of the system by switching back and forth between the two modes), DOS TSRs and device drivers also run in real mode, and so any time one gets control, the DOS extender has to switch back to real mode until it relinquishes control, incurring a time penalty (unless they utilize techniques such as DPMS or CLOAKING).

Return

With the arrival of expanded memory boards and especially of Intel 80386 processors in the second half of the 1980s, it became possible to use memory above 640 KB to load TSRs. This required complex software solutions, named expanded memory managers. Some memory managers are QRAM and QEMM by Quarterdeck, 386^MAX by Qualitas, CEMM by Compaq, and later EMM386 by Microsoft. The memory areas usable for loading TSRs above 640 KB are called "upper memory blocks" (UMBs) and loading programs into them is called loading high. Later, memory managers started including programs such as Quarterdeck's Optimize or Microsoft's MEMMAKER which try to maximize the available space in the first 640 KB by determining how best to allocate TSRs between low and high memory.

Decline

With the development of games using DOS extenders (an early example was Doom ) which bypassed the 640 KB barrier, many of the issues relating to TSRs disappeared, and with the widespread adoption of Microsoft Windows and especially Windows 95 (followed by Windows 98) – which rendered most TSRs unnecessary and some TSRs incompatible – the TSR faded into obsolescence, though Win16 applications can do TSR-like tricks such as patching the interrupt descriptor table (IDT) because Windows allowed it. Windows Me does not allow a computer to boot into a DOS Kernel by shutting down Windows Me; thus TSRs became useless on Windows Me.

The Windows NT series (including Windows 2000, Windows XP, and later) replaced DOS completely and run in protected mode or long mode (later 64-bit versions only) all the time, disabling the ability to switch to real mode, which is needed for TSRs to function. Instead these operating systems have modern driver and service frameworks with memory protection and preemptive multitasking, allowing multiple programs and device drivers to run simultaneously without the need for special programming tricks; the kernel and its modules have been made exclusively responsible for modifying the interrupt table.

Related Research Articles

In computing, BIOS is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The firmware comes pre-installed on the computer's motherboard.

x86 assembly language is a family of low-level programming languages that are used to produce object code for the x86 class of processors. These languages provide backward compatibility with CPUs dating back to the Intel 8008 microprocessor, introduced in April 1972. As assembly languages, they are closely tied to the architecture's machine code instructions, allowing for precise control over hardware.

The A20, or address line 20, is one of the electrical lines that make up the system bus of an x86-based computer system. The A20 line in particular is used to transmit the 21st bit on the address bus.

In IBM PC compatible computing, DOS memory management refers to software and techniques employed to give applications access to more than 640 kibibytes (KiB) of "conventional memory". The 640 KiB limit was specific to the IBM PC and close compatibles; other machines running MS-DOS had different limits, for example the Apricot PC could have up to 768 KiB and the Sirius Victor 9000, 896 KiB. Memory management on the IBM family was made complex by the need to maintain backward compatibility to the original PC design and real-mode DOS, while allowing computer users to take advantage of large amounts of low-cost memory and new generations of processors. Since DOS has given way to Microsoft Windows and other 32-bit operating systems not restricted by the original arbitrary 640 KiB limit of the IBM PC, managing the memory of a personal computer no longer requires the user to manually manipulate internal settings and parameters of the system.

In computing, the DOS Protected Mode Interface (DPMI) is a specification introduced in 1989 which allows a DOS program to run in protected mode, giving access to many features of the new PC processors of the time not available in real mode. It was initially developed by Microsoft for Windows 3.0, although Microsoft later turned control of the specification over to an industry committee with open membership. Almost all modern DOS extenders are based on DPMI and allow DOS programs to address all memory available in the PC and to run in protected mode.

In DOS memory management, extended memory refers to memory above the first megabyte (2²⁰ bytes) of address space in an IBM PC or compatible with an 80286 or later processor. The term is mainly used under the DOS and Windows operating systems. DOS programs, running in real mode or virtual x86 mode, cannot directly access this memory, but are able to do so through an application programming interface (API) called the Extended Memory Specification (XMS). This API is implemented by a driver (such as HIMEM.SYS) or the operating system kernel, which takes care of memory management and copying memory between conventional and extended memory, by temporarily switching the processor into protected mode. In this context, the term "extended memory" may refer to either the whole of the extended memory or only the portion available through this API.

In DOS memory management, conventional memory, also called base memory, is the first 640 kilobytes of the memory on IBM PC or compatible systems. It is the read-write memory directly addressable by the processor for use by the operating system and application programs. As memory prices rapidly declined, this design decision became a limitation in the use of large memory capacities until the introduction of operating systems and processors that made it irrelevant.

In DOS memory management, the high memory area (HMA) is the RAM area consisting of the first 65520 bytes above the one megabyte in an IBM AT or compatible computer.

A COM file is a type of simple executable file. On the Digital Equipment Corporation (DEC) VAX operating systems of the 1970s, .COM was used as a filename extension for text files containing commands to be issued to the operating system. With the introduction of Digital Research's CP/M, the type of files commonly associated with COM extension changed to that of executable files. This convention was later carried over to DOS. Even when complemented by the more general EXE file format for executables, the compact COM files remained viable and frequently used under DOS.

<span class="mw-page-title-main">IBM TopView</span> Former front-end to DOS

TopView is the first object-oriented, multitasking, and windowing, personal computer operating environment for PC DOS developed by IBM, announced in August 1984 and shipped in March 1985. TopView provided a text-mode operating environment that allowed users to run more than one application at the same time on a PC. IBM demonstrated an early version of the product to key customers before making it generally available, around the time they shipped their new PC AT computer.

The Program Segment Prefix (PSP) is a data structure used in DOS systems to store the state of a program. It resembles the Zero Page in the CP/M operating system. The PSP has the following structure:

BIOS implementations provide interrupts that can be invoked by operating systems and application programs to use the facilities of the firmware on IBM PC compatible computers. Traditionally, BIOS calls are mainly used by DOS programs and some other software such as boot loaders. BIOS runs in the real address mode of the x86 CPU, so programs that call BIOS either must also run in real mode or must switch from protected mode to real mode before calling BIOS and then switching back again. For this reason, modern operating systems that use the CPU in Protected mode or Long mode generally do not use the BIOS interrupt calls to support system functions, although they use the BIOS interrupt calls to probe and initialize hardware during booting. Real mode has the 1MB memory limitation, modern boot loaders use the unreal mode or protected mode to access up to 4GB memory.

Virtual DOS machines (VDM) refer to a technology that allows running 16-bit/32-bit DOS and 16-bit Windows programs when there is already another operating system running and controlling the hardware.

<span class="mw-page-title-main">Rainbow 100</span> DEC microcomputer

The Rainbow 100 is a microcomputer introduced by Digital Equipment Corporation (DEC) in 1982. This desktop unit had a monitor similar to the VT220 and a dual-CPU box with both 4 MHz Zilog Z80 and 4.81 MHz Intel 8088 CPUs. The Rainbow 100 was a triple-use machine: VT100 mode, 8-bit CP/M mode, and CP/M-86 or MS-DOS mode using the 8088. It ultimately failed to succeed in the marketplace which became dominated by the simpler IBM PC and its clones which established the industry standard as compatibility with CP/M became less important than IBM PC compatibility. Writer David Ahl called it a disastrous foray into the personal computer market. The Rainbow was launched along with the similarly packaged DEC Professional and DECmate II which were also not successful. The failure of DEC to gain a significant foothold in the high-volume PC market would be the beginning of the end of the computer hardware industry in New England, as nearly all computer companies located there were focused on minicomputers for large organizations, from DEC to Data General, Wang, Prime, Computervision, Honeywell, and Symbolics Inc.

In DOS memory management, the upper memory area (UMA) is the memory between the addresses of 640 KB and 1024 KB (0xA0000–0xFFFFF) in an IBM PC or compatible. IBM reserved the uppermost 384 KB of the 8088 CPU's 1024 KB address space for BIOS ROM, Video BIOS, Option ROMs, video RAM, RAM on peripherals, memory-mapped I/O, and obsoleted ROM BASIC.

INT 13h is shorthand for BIOS interrupt call 13_hex, the 20th interrupt vector in an x86-based computer system. The BIOS typically sets up a real mode interrupt handler at this vector that provides sector-based hard disk and floppy disk read and write services using cylinder-head-sector (CHS) addressing. Modern PC BIOSes also include INT 13h extension functions, originated by IBM and Microsoft in 1992, that provide those same disk access services using 64-bit LBA addressing; with minor additions, these were quasi-standardized by Phoenix Technologies and others as the EDD BIOS extensions.

On many computer operating systems, a computer process terminates its execution by making an exit system call. More generally, an exit in a multithreading environment means that a thread of execution has stopped running. For resource management, the operating system reclaims resources that were used by the process. The process is said to be a dead process after it terminates.

The DOS API is an API which originated with 86-DOS and is used in MS-DOS/PC DOS and other DOS-compatible operating systems. Most calls to the DOS API are invoked using software interrupt 21h. By calling INT 21h with a subfunction number in the AH processor register and other parameters in other registers, various DOS services can be invoked. These include handling keyboard input, video output, disk file access, program execution, memory allocation, and various other activities. In the late 1980s, DOS extenders along with the DOS Protected Mode Interface (DPMI) allow the programs to run in either 16-bit or 32-bit protected mode and still have access to the DOS API.

The Windows 9x series of operating systems refers to a series of Microsoft Windows operating systems produced from 1995 to 2000. They are based on the Windows 95 kernel which is a monolithic kernel. The basic code is similar in function to MS-DOS. They are 16-/32-bit hybrids and require support from MS-DOS to operate.

DOS Protected Mode Services (DPMS) is a set of extended DOS memory management services to allow DPMS-enabled DOS drivers to load and execute in extended memory and protected mode.

References

↑ Maybury, Rick (1998). "Beat the Bug—Computer Viruses". PC Top Tips. Archived from the original on September 28, 2009. Retrieved 2012-02-09.{{cite web}}: CS1 maint: unfit URL (link)
↑ HelpPC reference: INT 21,0 – Program Terminate
↑ "a list of TSR libraries". Archived from the original on 2007-08-17. also known as frameworks.
↑ "int 2D". Archived from the original on 2017-12-01. Retrieved 2019-11-14.
↑ "TSR Libraries". 2016-06-19. Archived from the original on 2016-06-19. Retrieved 2019-11-14.

External links

An early TSR
comp.os.msdos.programmer FAQ – How can I write a TSR (Terminate-and-Stay-Resident) utility?
A to Z of C; a free book on DOS programming in C; Chapter 27 – "TSR programming" (PDF). (80 KB)
IBM's Interrupt-Sharing Protocol, zip archive, 6.5 KB (Simtel)
The Alternate Multiplex Interrupt Specification (AMIS), v.3.5 (zipfile)
AMISLIB – a function library to write self-highloading, removable TSRs in assembler (zipfile)

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Maybury, Rick (1998). "Beat the Bug—Computer Viruses". PC Top Tips. Archived from the original on September 28, 2009. Retrieved 2012-02-09.{{cite web}}: CS1 maint: unfit URL (link)

[2] HelpPC reference: INT 21,0 – Program Terminate

[3] "a list of TSR libraries". Archived from the original on 2007-08-17. also known as frameworks.

[4] "int 2D". Archived from the original on 2017-12-01. Retrieved 2019-11-14.

[5] "TSR Libraries". 2016-06-19. Archived from the original on 2016-06-19. Retrieved 2019-11-14.

[1]

[2]

[3]

[4]

[5]