evaluator
October 26th, 2002, 14:57
Hi, nikolatesla20
You wrote too much eNgliSh for me.
If your Q is:
"Why on a clean system the Exception-EIP is ON the INT01 instruction
& why with NTice the Exception-EIP is after INT01"
then the answer was already given "jokerly" in this thread. But anyway:
On a clean system windz sets the 8E byte in the IDT for the INT01 descriptor.
This means DPL=0.
> Virtual-8086 Mode Exceptions
> #GP(0) (For INT n, INTO, or BOUND instruction)
> If the IOPL is less than 3 or
> the DPL of the interrupt-, trap-, or task-gate descriptor is not equal to 3.
So if a Ring3 task attempts to make a DPL=0 INT, a GP = INT0D happens (not the given INT).
On the stack the processor pushes the start of the instruction which caused the GP.
Windz's INT0D handler-manager will put C0000005 as the error code.
So in the SEH report we have the error-instruction start + error code (Access Violation).
If NTice (..SIce) is loaded, it changes the 8E byte to EE, i.e. now INT01 is DPL=3.
A Ring3 task can normally attempt a DPL=3 INT & the next instruction address will be saved on the stack,
because INT is a CALL. Then NTice will check if a BPX/BPM is set for the task here. If nothing is
found, NTice sends execution to the windz INT01 handler as it thinks an out-error happened.
Windz's INT01 handler then manages the error & puts 80000004 as the error code.
That's all Folks!
BTW
nobody has explained it yet??
Maybe I will use SEARCH..
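The two cases above (IDT access byte 8E on a clean system, EE with NTice loaded) modelled as an added example that is not part of this post; the gate access-byte layout follows the Intel manual, and the 2-byte `CD 01` encoding for INT 01, the names `int01_from_ring3`/`decode_gate_attr` and the sample address 0x00401000 are my assumptions.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Access byte (byte 5) of an IDT gate descriptor: P | DPL(2) | S=0 | type(4). */
typedef struct { bool present; unsigned dpl; unsigned type; } gate_attr;

gate_attr decode_gate_attr(uint8_t b) {
    gate_attr g;
    g.present = (b >> 7) & 1;   /* bit 7: segment present */
    g.dpl     = (b >> 5) & 3;   /* bits 6-5: descriptor privilege level */
    g.type    = b & 0xF;        /* bits 3-0: 0xE = 32-bit interrupt gate */
    return g;
}

/* NT status codes named in the post. */
#define STATUS_ACCESS_VIOLATION 0xC0000005u
#define STATUS_SINGLE_STEP      0x80000004u
#define INT01_INSN_LEN 2u       /* assumption: INT 01 encoded as CD 01 */

typedef struct {
    bool     gp_fault;      /* true: #GP (vector 0x0D) instead of the INT */
    uint32_t reported_eip;  /* EIP the SEH report sees */
    uint32_t nt_status;     /* exception code assigned by the Windows handler */
} int_outcome;

/* A user-mode (CPL=3) "INT 01" against a gate with the given access byte.
   INT n needs gate DPL >= CPL; otherwise the CPU raises #GP, a fault, so the
   address pushed is the start of the INT itself. With DPL=3 the INT behaves
   like a call and the return address is the next instruction. */
int_outcome int01_from_ring3(uint8_t attr, uint32_t insn_addr) {
    const unsigned cpl = 3;
    gate_attr g = decode_gate_attr(attr);
    int_outcome o;
    o.gp_fault = g.dpl < cpl;
    o.reported_eip = o.gp_fault ? insn_addr : insn_addr + INT01_INSN_LEN;
    o.nt_status = o.gp_fault ? STATUS_ACCESS_VIOLATION : STATUS_SINGLE_STEP;
    return o;
}

int main(void) {
    uint8_t bytes[2] = { 0x8E, 0xEE };  /* clean system, NTice loaded */
    for (int i = 0; i < 2; i++) {
        int_outcome o = int01_from_ring3(bytes[i], 0x00401000u);
        printf("attr %02X: DPL=%u gp=%d eip=%08X status=%08X\n", bytes[i],
               decode_gate_attr(bytes[i]).dpl, o.gp_fault, o.reported_eip, o.nt_status);
    }
    return 0;
}
```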