What does "int 0x80" mean in assembly code?
Can someone explain what the following assembly code does?
int 0x80
Solution 1:
int
means interrupt, and the number 0x80
is the interrupt number.
An interrupt transfers the program flow to whomever is handling that interrupt, which is interrupt 0x80
in this case.
In Linux, 0x80
interrupt handler is the kernel, and is used to make system calls to the kernel by other programs.
The kernel is notified about which system call the program wants to make, by examining the value in the register %eax
(AT&T syntax, and EAX in Intel syntax). Each system call have different requirements about the use of the other registers. For example, a value of 1
in %eax
means a system call of exit()
, and the value in %ebx
holds the value of the status code for exit()
.
Solution 2:
It passes control to interrupt vector 0x80
See http://en.wikipedia.org/wiki/Interrupt_vector
On Linux, have a look at this: it was used to handle system_call
. Of course on another OS this could mean something totally different.
Solution 3:
Keep in mind that 0x80
= 80h
= 128
You can see here that INT
is just one of the many instructions (actually the Assembly Language representation (or should I say 'mnemonic') of it) that exists in the x86 instruction set. You can also find more information about this instruction in Intel's own manual found here.
To summarize from the PDF:
INT n/INTO/INT 3—Call to Interrupt Procedure
The INT n instruction generates a call to the interrupt or exception handler specified with the destination operand. The destination operand specifies a vector from 0 to 255, encoded as an 8-bit unsigned intermediate value. The INT n instruction is the general mnemonic for executing a software-generated call to an interrupt handler.
As you can see 0x80 is the destination operand in your question. At this point the CPU knows that it should execute some code that resides in the Kernel, but what code? That is determined by the Interrupt Vector in Linux.
One of the most useful DOS software interrupts was interrupt 0x21. By calling it with different parameters in the registers (mostly ah and al) you could access various IO operations, string output and more.
Most Unix systems and derivatives do not use software interrupts, with the exception of interrupt 0x80, used to make system calls. This is accomplished by entering a 32-bit value corresponding to a kernel function into the EAX register of the processor and then executing INT 0x80.
Take a look at this please where other available values in the interrupt handler tables are shown:
As you can see the table points the CPU to execute a system call. You can find the Linux System Call table here.
So by moving the value 0x1 to EAX register and calling the INT 0x80 in your program, you can make the process go execute the code in Kernel which will stop (exit) the current running process (on Linux, x86 Intel CPU).
A hardware interrupt must not be confused with a software interrupt. Here is a very good answer on this regard.
This also is good source.
Solution 4:
Minimal runnable Linux system call example
Linux sets up the interrupt handler for 0x80
such that it implements system calls, a way for userland programs to communicate with the kernel.
.data
s:
.ascii "hello world\n"
len = . - s
.text
.global _start
_start:
movl $4, %eax /* write system call number */
movl $1, %ebx /* stdout */
movl $s, %ecx /* the data to print */
movl $len, %edx /* length of the buffer */
int $0x80
movl $1, %eax /* exit system call number */
movl $0, %ebx /* exit status */
int $0x80
Compile and run with:
as -o main.o main.S
ld -o main.out main.o
./main.out
Outcome: the program prints to stdout:
hello world
and exits cleanly.
You cannot set your own interrupt handlers directly from userland because you only have ring 3 and Linux prevents you from doing so.
GitHub upstream. Tested on Ubuntu 16.04.
Better alternatives
int 0x80
has been superseded by better alternatives for making system calls: first sysenter
, then VDSO.
x86_64 has a new syscall
instruction.
See also: What is better "int 0x80" or "syscall"?
Minimal 16-bit example
First learn how to create a minimal bootloader OS and run it on QEMU and real hardware as I've explained here: https://stackoverflow.com/a/32483545/895245
Now you can run in 16-bit real mode:
movw $handler0, 0x00
mov %cs, 0x02
movw $handler1, 0x04
mov %cs, 0x06
int $0
int $1
hlt
handler0:
/* Do 0. */
iret
handler1:
/* Do 1. */
iret
This would do in order:
Do 0.
Do 1.
-
hlt
: stop executing
Note how the processor looks for the first handler at address 0
, and the second one at 4
: that is a table of handlers called the IVT, and each entry has 4 bytes.
Minimal example that does some IO to make handlers visible.
Minimal protected mode example
Modern operating systems run in the so called protected mode.
The handling has more options in this mode, so it is more complex, but the spirit is the same.
The key step is using the LGDT and LIDT instructions, which point the address of an in-memory data structure (the Interrupt Descriptor Table) that describes the handlers.
Minimal example