flat assembler
Message board for the users of flat assembler.

Index > Windows > windows native mode applications

Author
Thread Post new topic Reply to topic
shakuni



Joined: 11 Oct 2007
Posts: 24
shakuni
I recently came across a program that looked like a win32 program but going through the source code I came across the interrupt calls like
Code:
int 3    

eventually I realised that it was a native application(the author mentioned it in the comments)

I think I know much about win32 but next to nothing about native windows applications.Are they device drivers or are they ring-0 applications(probably device drivers are ring-0 themselves).

I request to please lead me from where I could learn to write such appications.
And please explain how could we use interrupts, I thought they were obsolete and all we need to know is the api.
Post 19 Oct 2007, 10:50
View user's profile Send private message Reply with quote
Feryno



Joined: 23 Mar 2005
Posts: 465
Location: Czech republic, Slovak republic
Feryno
please use search function
http://board.flatassembler.net/search.php

native apps can be very funny stuff
http://board.flatassembler.net/topic.php?t=4941
Post 19 Oct 2007, 10:58
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
shakuni



Joined: 11 Oct 2007
Posts: 24
shakuni
I obviously searched the board before posting the query, but all the search results contained the word "alternative" when I searched for "native",funny?
not for me.
Post 19 Oct 2007, 11:04
View user's profile Send private message Reply with quote
smoke



Joined: 16 Jan 2006
Posts: 42
smoke
applications using int 3h instructions dont have to be ring0 (since the int3h vector has DPL = 3 .. which means that both usermode and kernelmode programs can use it). debuggers use int 3h instruction to generate EXCEPTION_BREAKPOINT ...
Post 19 Oct 2007, 12:41
View user's profile Send private message Reply with quote
Aux



Joined: 27 Aug 2007
Posts: 10
Aux
Every int call is not allowed in ring3 where apps are running. When You call int3 your app crashes immediately. BUT! If you run your app under debugger, then debugger treats int3 as a call to break normal app workflow and take control of execution. It is a standard way since int3 always was a call for debugger since early DOS days.

By the way. What is a NATIVE app? Actually NT kernel is just a kernel which does not give a heck about what is running on top. In Windows, NT kernel used inside Win32. Win32 is like a shell on top NT. And You can put other shells! Like POSIX (google for interix) or OS/2 (closed project by MS). And NATIVE app is an app designed for NT kernel, not OS as a whole thing. So NATIVE is not a Win32 app and if Win32 is not loaded then NATIVE can not use Win32 functions. And if you have other shells (called sub-systems by MS) loaded NATIVEs can access their functions (win32 app can not use posix functions directly, only through native app which works like a proxy).

So, basically native apps are nt apps, not win32 apps.
Post 29 Oct 2007, 10:55
View user's profile Send private message Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
f0dder
Cross-posting the same questions to multiple forums? Smile

http://www.asmcommunity.net/board/index.php?topic=28765.0
Post 29 Oct 2007, 11:57
View user's profile Send private message Visit poster's website Reply with quote
shakuni



Joined: 11 Oct 2007
Posts: 24
shakuni
I always post questions to multiple forums to get different point of views on the problem.
Post 30 Oct 2007, 11:22
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.