[ACCEPTED]-What is INT 21h?-internals

Accepted answer
Score: 12

From here: A multipurpose DOS interrupt used 5 for various functions including reading 4 the keyboard and writing to the console 3 and printer. It was also used to read and 2 write disks using the earlier File Control 1 Block (FCB) method.

Score: 10

DOS can be thought of as a library used 69 to provide a files/directories abstraction 68 for the PC (-and a bit more). int 21h is a simple 67 hardware "trick" that makes it easy to call 66 code from this library without knowing in 65 advance where it will be located in memory. Alternatively, you 64 can think of this as the way to utilise 63 the DOS API.

Now, the topic of software interrupts 62 is a complex one, partly because the concepts 61 evolved over time as Intel added features 60 to the x86 family, while trying to remain 59 compatible with old software. A proper explanation 58 would take a few pages, but I'll try to 57 be brief.

The main question is whether you 56 are in real mode or protected mode.

Real mode is the simple, "original" mode 55 of operation for the x86 processor. This 54 is the mode that DOS runs in (when you run 53 DOS programs under Windows, a real mode 52 processor is virtualised, so within it the 51 same rules apply). The currently running 50 program has full control over the processor.

In 49 real mode, there is a vector table that 48 tells the processor which address to jump 47 to for every interrupt from 0 to 255. This 46 table is populated by the BIOS and DOS, as 45 well as device drivers, and sometimes programs 44 with special needs. Some of these interrupts 43 can be generated by hardware (e.g. by a 42 keypress). Others are generated by certain 41 software conditions (e.g. divide by 0). Any of 40 them can be generated by executing the int n instruction.

Programs 39 can set/clear the "enable interrupts" flag; this 38 flag affects hardware interrupts only and 37 does not affect int instructions.

The DOS designers 36 chose to use interrupt number 21h to handle 35 DOS requests - the number is of no real 34 significance: it was just an unused entry 33 at the time. There are many others (number 32 10h is a BIOS-installed interrupt routine 31 that deals with graphics, for instance). Also 30 note that all this is for IBM PC compatibles 29 only. x86 processors in say embedded systems 28 may have their software and interrupt tables 27 arranged quite differently!

Protected mode is the complex, "security-aware" mode 26 that was introduced in the 286 processor 25 and much extended on the 386. It provides 24 multiple privilege levels. The OS must configure 23 all of this (and if the OS gets it wrong, you 22 have a potential security exploit). User 21 programs are generally confined to a "minimal 20 privilege" mode of operation, where trying 19 to access hardware ports, or changing the 18 interrupt flag, or accessing certain memory 17 regions, halts the program and allows the 16 OS to decide what to do (be it terminate 15 the program or give the program what it 14 seems to want).

Interrupt handling is made 13 more complex. Suffice to say that generally, if 12 a user program does a software interrupt, the 11 interrupt number is not used as a vector into 10 the interrupt table. Rather a general protection 9 exception is generated and the OS handler 8 for said exception may (if the OS is design 7 this way) work out what the process wants 6 and service the request. I'm pretty sure 5 Linux and Windows have in the past (if not 4 currently) used this sort of mechanism for 3 their system calls. But there are other 2 ways to achieve this, such as the SYSENTER 1 instruction.

Score: 8

Ralph Brown's interrupt list contains a lot of information on which 3 interrupt does what. int 21, like all others, supports 2 a wide range of functionality depending 1 on register values.

A non-HTML version of Ralph Brown's list is also available.

Score: 3

The INT instruction is a software interrupt. It 7 causes a jump to a routine pointed to by 6 an interrupt vector, which is a fixed location 5 in memory. The advantage of the INT instruction 4 is that is only 2 bytes long, as oposed 3 to maybe 6 for a JMP, and that it can easily 2 be re-directed by modifying the contents 1 of the interrupt vector.

Score: 2

This is from the great The Art of Assembly Language Programming about interrupts:

On 22 the 80x86, there are three types of events 21 commonly known as interrupts: traps, exceptions, and 20 interrupts (hardware interrupts). This 19 chapter will describe each of these forms 18 and discuss their support on the 80x86 17 CPUs and PC compatible machines.

Although 16 the terms trap and exception are often used 15 synonymously, we will use the term trap 14 to denote a programmer initiated and expected transfer 13 of control to a special handler routine. In 12 many respects, a trap is nothing more 11 than a specialized subroutine call. Many 10 texts refer to traps as software interrupts. The 9 80x86 int instruction is the main vehicle 8 for executing a trap. Note that traps are 7 usually unconditional; that is, when you 6 execute an int instruction, control always 5 transfers to the procedure associated with 4 the trap. Since traps execute via an explicit 3 instruction, it is easy to determine exactly 2 which instructions in a program will invoke 1 a trap handling routine.

Chapter 17 - Interrupt Structure and Interrupt Service Routines

Score: 2

Int 0x21 is an x86 software interrupt - basically 27 that means there is an interrupt table at 26 a fixed point in memory listing the addresses 25 of software interrupt functions. When an 24 x86 CPU receives the interrupt opcode (or 23 otherwise decides that a particular software 22 interrupt should be executed), it references 21 that table to execute a call to that point 20 (the function at that point must use iret instead 19 of ret to return).

It is possible to remap 18 Int 0x21 and other software interrupts (even 17 inside DOS though this can have negative 16 side effects). One interesting software 15 interrupt to map or chain is Int 0x1C (or 14 0x08 if you are careful), which is the system 13 tick interrupt, called 18.2 times every 12 second. This can be used to create "background" processes, even 11 in single threaded real mode (the real mode 10 process will be interrupted 18.2 times a 9 second to call your interrupt function).

On 8 the DOS operating system (or a system that 7 is providing some DOS emulation, such as 6 Windows console) Int 0x21 is mapped to what 5 is effectively the DOS operating systems 4 main "API". By providing different values 3 to the AH register, different DOS functions 2 can be executed such as opening a file (AH=0x3D) or 1 printing to the screen (AH=0x09).

Score: 1

(Almost) the whole DOS interface was made 5 available as INT21h commands, with parameters 4 in the various registers. It's a little 3 trick, using a built-in-hardware table to 2 jump to the right code. Also INT 33h was 1 for the mouse.

Score: 1

It's a "software interrupt"; so not a hardware 9 interrupt at all.

When an application invokes 8 a software interrupt, that's essentially 7 the same as its making a subroutine call, except 6 that (unlike a subroutine call) the doesn't 5 need to know the exact memory address of 4 the code it's invoking.

System software (e.g. DOS 3 and the BIOS) expose their APIs to the application 2 as software interrupts.

The software interrupt 1 is therefore a kind of dynamic-linking.

Score: 0

Actually, there are a lot of concepts here. Let's 17 start with the basics.

An interrupt is a 16 mean to request attention from the CPU, to 15 interrupt the current program flow, jump to an interrupt 14 handler (ISR - Interrupt Service Routine), do 13 some work (usually by the OS kernel or a 12 device driver) and then return.

What are 11 some typical uses for interrupts?

  • Hardware interrupts: A device requests attention from the CPU by issuing an interrupt request.
  • CPU Exceptions: If some abnormal CPU condition happens, such as a division by zero, a page fault, ... the CPU jumps to the corresponding interrupt handler so the OS can do whatever it has to do (send a signal to a process, load a page from swap and update the TLB/page table, ...).
  • Software interrupts: Since an interrupt ends up calling the OS kernel, a simple way to implement system calls is to use interrupts. But you don't need to, in x86 you could use a call instruction to some structure (some kind of TSS IIRC), and on newer x86 there are SYSCALL / SYSENTER intructions.

CPUs decide 10 where to jump to looking at a table (exception 9 vectors, interrupt vectors, IVT in x86 real 8 mode, IDT in x86 protected mode, ...). Some 7 CPUs have a single vector for hardware interrupts, another 6 one for exceptions and so on, and the ISR 5 has to do some work to identify the originator 4 of the interrupt. Others have lots of vectors, and 3 jump directly to very specific ISRs.

x86 2 has 256 interrupt vectors. On original PCs, these 1 were divided into several groups:

  • 00-04 CPU exceptions, including NMI. With later CPUs (80186, 286, ...), this range expanded, overlapping with the following ranges.
  • 08-0F These are hardware interrupts, usually referred as IRQ0-7. The PC-AT added IRQ8-15
  • 10-1F BIOS calls. Conceptually, these can be considered system calls, since the BIOS is the part of DOS that depends on the concrete machine (that's how it was defined in CP/M).
  • 20-2F DOS calls. Some of these are multiplexed, and offer multitude of functions. The main one is INT 21h, which offers most of DOS services.
  • 30-FF The rest, for use by external drivers and user programs.

More Related questions