Category : Unprotects for Games and Such
Archive   : UNP-R-T.ZIP
Filename : TIMER.SK

TIMER Found on Compuserve

Keywords: SIDEKICK PRINT BORLAND TIMER INTERRUPT FIX PATCH

This is an explination of the internal workings of Print.Com, a file
included in DOS for the IBM PC and compatibles. It explains how this
program fails to do its part to insure integrity of all registers. For
this reason some trouble was being experienced while using both SideKick
and Print.

.op
The timer tick generates an interrupt 8 18.2 per second. When SK
is not active, this interrupt is handled by the Bios as follows:

It pushes all registers used by the routine (AX among others.)
It updates the system timer count.
It updates the disk motor timer count.
It generates an int 1C.

When the spooler is active, it has placed a vector at int 1C,
pointing at the spooler's code. The spooler is therefore
activated in the middle of the int 8 handling. The cause of the
trouble is that the spooler now uses the ax register with out
saving it first. The fact that this usually doesn't cause any
problems is that the Bios int 8 routine restores the ax register
when the Spooler returns.

It generates an end-of-interrupt to the interrupt controler.
It pops the registers that where pushed.
It does an interrupt return.

With SK loaded it's a different story because SK uses int 8 to
check the keyboard for CTRL-Alt. We therefore replace the
address of the bios int 8 routine with the address of our own
routine. The address of the bios routine is saved in order to be
able to call it later.

When you first start SK from DOS, we read the int 10 detector and
store it. Then, each time you activate SK, we also read and
store the vector at int 10 and then replace it with an
interrupt return.

At each timer tick, the following happens:

SK received the int 8 and calls the bios int 8 routine to make
sure that the timer tick is properly handles. The bios int 8
routine does the same as above:

It pushes all registers used by the routine (AX among others).
It updates the system timer count.
It updates the disk motor timer count.
It generates an int 10.
SK has replaced the vector that the spooler placed here with a
IRET, so nothing happens. This is because we cannot allow the
timer tick to pass through to programs which use it, for example
to write on the screen.

It generates an end-of-interrupt to the interrupt controler.
It pops the registers that were pushed.
It does an interrupt return.

Back in SK's int 8 routine we make a call to the address that was
stored at int 10 when SK was first started. In this way he still
services any resident programs that were loaded before SK. With
the spooler active we therefore make a call to the spooler.

The spooler again corrupts the AX register because it uses it
without saving it first.
Back in SK we have no way of restoring the original contents of
the AX register because we did not save it (why should we, we
don't use it.)

In short, the root of the trouble is that the spooler destroys
the AX register. The fact that the Bio's int 8 routine saves and
stores it is pure coincidence.

I quote from the Technical Reference Manual, Pages 2-5, Section
Interrupt Hex 1C-timer tick:

"It is the responsibility of the application to save and restore
all registers that will be modified."

Relying on a version of the Bios which happens to save register
AX is bad programming practice. However, the guy who wrote the
print spooler did not rely on this because at another point in
his program he does correctly save AX. Obviously he simply
forgot and fortunately for him the Bios saved him.

The following patch will fix the problem:

SK.COM unprotected version change 7F8: 55 to 7F8: 50
SK.COM unprotected version change 805: 5D to 805: 58

SK.COM protected version change 801: 55 to 801: 50
SK.COM protected version change 80E: 5D to 80E: 58

Also on both above change 012C: 41 to 012C: 42