Int 21 Fn 4B - Dos 2+ - "exec" - Load And/or Execute Program [D]
AH = 4Bh
AL = type of load
00h load and execute
01h load but do not execute
03h load overlay (see #1277)
04h load and execute in background (European MS-DOS 4.0 only)
"Exec & Go" (see also AH=80h)
DS:DX -> ASCIZ program name (must include extension)
ES:BX -> parameter block (see #1276,#1277,#1278)
CX = mode (subfunction 04h only)
0000h child placed in zombie mode after termination
0001h child's return code discarded on termination
Return: CF clear if successful
BX,DX destroyed
if subfunction 01h, process ID set to new program's PSP; get with
INT 21/AH=62h
CF set on error
AX = error code (01h,02h,05h,08h,0Ah,0Bh) (see #1366 at AH=59h)
Notes: DOS 2.x destroys all registers, including SS:SP
under ROM-based DOS, if no disk path characters (colons or slashes)
are included in the program name, the name is searched for in the
ROM module headers (see #1281) before searching on disk
for functions 00h and 01h, the calling process must ensure that there
is enough unallocated memory available; if necessary, by releasing
memory with AH=49h or AH=4Ah
for function 01h, the AX value to be passed to the child program is put
on top of the child's stack
for function 03h, DOS assumes that the overlay is being loaded into
memory allocated by the caller
function 01h was undocumented prior to the release of DOS 5.0
some versions (such as DR DOS 6.0) check the parameters and parameter
block and return an error if an invalid value (such as an offset of
FFFFh) is found
background programs under European MS-DOS 4.0 must use the new
executable format
this function ignores the filename extension, instead checking the
first two bytes of the file to determine whether there is a valid
.EXE header (see #1280); if not, the file is assumed to be in .COM
format. If present, the file may be in any of several formats which
are extensions of the original .EXE format (see #1279)
.COM-format executables begin running with the following register
values:
AL = 00h if first FCB has valid drive letter, FFh if not
AH = 00h if second FCB has valid drive letter, FFh if not
CS,DS,ES,SS = PSP segment
SP = offset of last word available in first 64K segment
(note: AX is always 0000h under DESQview)
old-format executables begin running with the following register
values:
AL = 00h if first FCB has valid drive letter, FFh if not
AH = 00h if second FCB has valid drive letter, FFh if not
DS,ES = PSP segment
SS:SP as defined in .EXE header
(note: AX is always 0000h under DESQview)
new executables begin running with the following register values
AX = environment segment
BX = offset of command tail in environment segment
CX = size of automatic data segment (0000h = 64K)
ES,BP = 0000h
DS = automatic data segment
SS:SP = initial stack
the command tail corresponds to an old executable's PSP:0081h and
following, except that the 0Dh is turned into a NUL (00h); new
format executables have no PSP
under the FlashTek X-32 DOS extender, only function 00h is supported
and the pointers are passed in DS:EDX and ES:EBX
DR DOS 6 always loads .EXE-format programs with no fixups and
.COM-format programs starting with 9Ch 55h (PUSHF/PUSH BP) above the
64K mark to avoid the EXEPACK bug, by extending the memory block
containing the program's environment; this code is disabled if the
name of the parent program as stored in the MCB is 'WIN'.
DR DOS 3.41 and 5.0 check for a valid filename before testing the
subfunction number, so the otherwise invalid subfunction 02h will
only return error code 01h if the given filename actually exists;
otherwise, errors 02h, 03h, or 05h are returned
BUGS: DOS 2.00 assumes that DS points at the current program's PSP
Load Overlay (subfunction 03h) loads up to 512 bytes too many if the
file contains additional data after the actual overlay
Load but Do Not Execute (subfunction 01h) is reported to corrupt the
top word of the caller's stack if the loaded module terminates with
INT 21/AH=4Ch in some versions of MS-DOS, including v5.00.
See Also: AX=4B05h,AH=4Ch,AH=4Dh,AH=64h/BX=0025h,AH=8Ah,INT 2E,INT 60/DI=0604h
Format of EXEC parameter block for AL=00h,01h,04h:
Offset Size Description (Table 1276)
00h WORD segment of environment to copy for child process (copy caller's
environment if 0000h)
02h DWORD pointer to command tail to be copied into child's PSP
06h DWORD pointer to first FCB to be copied into child's PSP
0Ah DWORD pointer to second FCB to be copied into child's PSP
0Eh DWORD (AL=01h) will hold subprogram's initial SS:SP on return
12h DWORD (AL=01h) will hold entry point (CS:IP) on return
See Also: #1277,#1278
Format of EXEC parameter block for AL=03h:
Offset Size Description (Table 1277)
00h WORD segment at which to load overlay
02h WORD relocation factor to apply to overlay if in .EXE format
See Also: #1276,#1278
Format of EXEC parameter block for FlashTek X-32:
Offset Size Description (Table 1278)
00h PWORD 48-bit far pointer to environment string
06h PWORD 48-bit far pointer to command tail string
See Also: #1276,#1277
(Table 1279)
Values for the executable types understood by various environments:
MZ old-style DOS executable (see #1280)
NE Windows or OS/2 1.x segmented ("new") executable (see #1282)
LE Windows virtual device driver (VxD) linear executable (see #1295)
LX variant of LE used in OS/2 2.x (see #1295)
W3 Windows WIN386.EXE file; a collection of LE files
W4 Windows95 VMM32.VXD file
PE Win32 (Windows NT and Win32s) portable executable based on Unix COFF
DL HP 100LX/200LX system manager compliant executable (.EXM)
MP old PharLap .EXP (see #1305)
P2 PharLap 286 .EXP (see #1306)
P3 PharLap 386 .EXP (see #1306)
Format of .EXE file header:
Offset Size Description (Table 1280)
00h 2 BYTEs .EXE signature, either "MZ" or "ZM" (5A4Dh or 4D5Ah)
(see also #1279)
02h WORD number of bytes in last 512-byte page of executable
04h WORD total number of 512-byte pages in executable (includes any
partial last page)
06h WORD number of relocation entries
08h WORD header size in paragraphs
0Ah WORD minimum paragraphs of memory required to allocate in addition
to executable's size
0Ch WORD maximum paragraphs to allocate in addition to executable's size
0Eh WORD initial SS relative to start of executable
10h WORD initial SP
12h WORD checksum (one's complement of sum of all words in executable)
14h DWORD initial CS:IP relative to start of executable
18h WORD offset within header of relocation table
40h or greater for new-format (NE,LE,LX,W3,PE,etc.) executable
1Ah WORD overlay number (normally 0000h = main program)
---new executable---
1Ch 4 BYTEs ???
20h WORD behavior bits
22h 26 BYTEs reserved for additional behavior info
3Ch DWORD offset of new executable (NE,LE,etc) header within disk file,
or 00000000h if plain MZ executable
---Borland TLINK---
1Ch 2 BYTEs ??? (apparently always 01h 00h)
1Eh BYTE signature FBh
1Fh BYTE TLINK version (major in high nybble, minor in low nybble)
20h 2 BYTEs ??? (v2.0 apparently always 72h 6Ah, v3.0+ seems always 6Ah 72h)
---ARJ self-extracting archive---
1Ch 4 BYTEs signature "RJSX" (older versions, new signature is "aRJsfX" in
the first 1000 bytes of the file)
---LZEXE 0.90 compressed executable---
1Ch 4 BYTEs signature "LZ09"
---LZEXE 0.91 compressed executable---
1Ch 4 BYTEs signature "LZ91"
---PKLITE compressed executable---
1Ch BYTE minor version number
1Dh BYTE bits 0-3: major version
bit 4: extra compression
bit 5: huge (multi-segment) file
1Eh 6 BYTEs signature "PKLITE" (followed by copyright message)
---LHarc 1.x self-extracting archive---
1Ch 4 BYTEs unused???
20h 3 BYTEs jump to start of extraction code
23h 2 BYTEs ???
25h 12 BYTEs signature "LHarc's SFX "
---LHA 2.x self-extracting archive---
1Ch 8 BYTEs ???
24h 10 BYTEs signature "LHa's SFX " (v2.10) or "LHA's SFX " (v2.13)
---TopSpeed C 3.0 CRUNCH compressed file---
1Ch DWORD 018A0001h
20h WORD 1565h
---PKARCK 3.5 self-extracting archive---
1Ch DWORD 00020001h
20h WORD 0700h
---BSA (Soviet archiver) self-extracting archive---
1Ch WORD 000Fh
1Eh BYTE A7h
---LARC self-extracting archive---
1Ch 4 BYTEs ???
20h 11 BYTEs "SFX by LARC "
---LH self-extracting archive---
1Ch 8 BYTEs ???
24h 8 BYTEs "LH's SFX "
---RAR self-extracting archive---
1Ch 4 BYTEs signature "RSFX"
---other linkers---
1Ch var optional information
---
N N DWORDs relocation items
Notes: if word at offset 02h is 4, it should be treated as 00h, since pre-1.10
versions of the MS linker set it that way
if both minimum and maximum allocation (offset 0Ah/0Ch) are zero, the
program is loaded as high in memory as possible (DOS only checks
the maximum allocation, however)
the maximum allocation is set to FFFFh by default
additional data may be contained in the file beyond the end of the
load image described by the .EXE header; this data may be overlays,
the actual executable for newer-format executables, or debugging
information (see #1286,#1310)
See Also: #1282
Format of ROM Module Header:
Offset Size Description (Table 1281)
00h 2 BYTEs ROM signature 55h, AAh
02h BYTE size of ROM in 512-byte blocks
03h 3 BYTEs POST initialization entry point (near JMP instruction)
06h ROM Program Name List [array]
Offset Size Description
00h BYTE length of ROM program's name (00h if end of name list)
01h N BYTEs program name
N+1 3 BYTEs program entry point (near JMP instruction)
Format of new executable header:
Offset Size Description (Table 1282)
00h 2 BYTEs "NE" (4Eh 45h) signature
02h 2 BYTEs linker version (major, then minor)
04h WORD offset from start of this header to entry table (see #1289)
06h WORD length of entry table in bytes
08h DWORD file load CRC (0 in Borland's TPW)
0Ch BYTE program flags (see #1283)
0Dh BYTE application flags (see #1284)
0Eh WORD auto data segment index
10h WORD initial local heap size
12h WORD initial stack size (added to data seg, 0000h if SS <> DS)
14h DWORD program entry point (CS:IP), "CS" is index into segment table
18h DWORD initial stack pointer (SS:SP), "SS" is segment index
if SS=automatic data segment and SP=0000h, the stack pointer is
set to the top of the automatic data segment, just below the
local heap
1Ch WORD segment count
1Eh WORD module reference count
20h WORD length of nonresident names table in bytes
22h WORD offset from start of this header to segment table (see #1287)
24h WORD offset from start of this header to resource table
26h WORD offset from start of this header to resident names table
28h WORD offset from start of this header to module reference table
2Ah WORD offset from start of this header to imported names table
(array of counted strings, terminated with a string of length
00h)
2Ch DWORD offset from start of file to nonresident names table
30h WORD count of moveable entry point listed in entry table
.NG limit reached, continued in next section...