Software Interrupts: Windows

Posted: Sat Jan 05, 2013 4:53 am
by 10thProtocol
Hi,

Context: Windows, x86

Can someone out there crack an old chestnut that's been bugging me for some time?

When people, lots of them, make the statement that 'a DPC is added to the queue and a software interrupt is requested...', what do they mean by 'software interrupt'? It is also used in thread dispatching.

I thought initially that it involved an int nn instruction in some way; I now doubt this. I know that a DPC software interrupt is invoked at IRQL level 2, but what physically is it? Nobody ever explains it; is it a state secret?

So:

What is it?
What creates it?
Where does it live?
What does it look like?
What forces its execution?

Thanks

Re: Software Interrupts: Windows

Posted: Sat Jan 05, 2013 6:47 am
by Love4Boobies
Since the OP was unhappy with my previous answer, I suggest that he do his/her research.

Re: Software Interrupts: Windows

Posted: Sat Jan 05, 2013 8:29 am
by 10thProtocol
Thanks, L4B, it's unfortunate that the only reply is from someone who's not from the Windows world.

I don't think the Intel manuals are relevant, I know all about Int nn and the APIC. This is a Windows thing, I'm fairly sure.

I'm sure it's about the Processor Control Block structure and kernel code that manipulates the IRQL level of the processor. I'm lost from there.

Thanks for your response.

Re: Software Interrupts: Windows

Posted: Sat Jan 05, 2013 3:45 pm
by jnc100
The Windows scheduler is at its heart a glorified priority-based round-robin scheduler. In a normal round-robin system, even the highest priority task will be interrupted by a hardware interrupt when IF is set. This can cause unwanted delays if the interrupt handler takes a non-negligible amount of time to complete. Windows extends the priority system to include hardware interrupts - if an interrupt fires when the CPU is executing a high priority thread (identified by its 'IRQ level') then instead of actually running the whole interrupt handler at that point it will defer it until the current CPU priority drops. In essence, a stub interrupt handler runs which enqueues a Deferred Procedure Call (DPC) and then quickly returns. The DPC runs when the IRQ level drops to a sufficient level.

In multi-CPU setups with an IOAPIC the kernel can use the IOAPIC to route interrupts away from a CPU executing high priority threads.

For more information see http://msdn.microsoft.com/en-us/library ... 85%29.aspx.

Regards,
John.

Re: Software Interrupts: Windows

Posted: Sat Jan 05, 2013 4:14 pm
by Gigasoft
It's just a flag in the PCR that is set with HalRequestSoftwareInterrupt. There are two such flags. On Vista 32-bit using halmacpi.dll, they are at offsets 0x96 and 0x97. They are checked during KfLowerIrql and HalEndSystemInterrupt, and cause KiDeliverApc or KiDispatchInterrupt to be called. KiDispatchInterrupt is what runs DPCs and is also responsible for switching to the next thread, if any. When a DPC is to be run on another CPU, an IPI is sent, and KiIpiServiceRoutine in turn calls HalRequestSoftwareInterrupt. Otherwise, HalRequestSoftwareInterrupt is called directly.
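
The mechanism described in the post above, as an added example that is not part of the original thread and is not Windows or HAL code: a simplified user-mode model in which requesting a software interrupt only sets a per-CPU flag and the flag is acted on when IRQL is lowered. Every name in it (`cpu_model`, `request_software_interrupt`, `queue_dpc`, `lower_irql`) is hypothetical, and it assumes the request is made while the CPU is already above the requested level.

```c
#include <stdio.h>

/* Toy model of the flag mechanism; hypothetical names, not Windows code. */
enum { PASSIVE_LEVEL = 0, APC_LEVEL = 1, DISPATCH_LEVEL = 2 };

struct cpu_model {
    int irql;                  /* current IRQL of this CPU */
    unsigned char pending[3];  /* [APC_LEVEL] and [DISPATCH_LEVEL] request flags */
    int dpc_queue;             /* DPCs waiting to run */
    int dpcs_run, apcs_run;    /* counters so the effect is observable */
};

/* Requesting a software interrupt only sets a per-CPU flag. */
void request_software_interrupt(struct cpu_model *c, int level) {
    c->pending[level] = 1;
}

/* Queue a DPC and request the DISPATCH_LEVEL software interrupt. */
void queue_dpc(struct cpu_model *c) {
    c->dpc_queue++;
    request_software_interrupt(c, DISPATCH_LEVEL);
}

/* Stand-in for the dispatch routine: drain the DPC queue. */
static void dispatch_interrupt(struct cpu_model *c) {
    while (c->dpc_queue > 0) { c->dpc_queue--; c->dpcs_run++; }
}

/* Lowering IRQL is where the flags are checked: anything pending above
   the new level is delivered, highest level first, at its own level. */
void lower_irql(struct cpu_model *c, int new_irql) {
    for (int lvl = DISPATCH_LEVEL; lvl > new_irql; lvl--) {
        if (!c->pending[lvl]) continue;
        c->pending[lvl] = 0;
        c->irql = lvl;
        if (lvl == DISPATCH_LEVEL) dispatch_interrupt(c);
        else c->apcs_run++;
    }
    c->irql = new_irql;
}

int main(void) {
    struct cpu_model c = {0};
    c.irql = 5;                       /* constructed: inside a device ISR */
    queue_dpc(&c); queue_dpc(&c);     /* flags set, nothing runs yet */
    printf("before lower: %d DPCs run\n", c.dpcs_run);
    lower_irql(&c, PASSIVE_LEVEL);    /* flag noticed here, DPCs drain */
    printf("after lower:  %d DPCs run\n", c.dpcs_run);
    return 0;
}
```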

Re: Software Interrupts: Windows

Posted: Sat Jan 05, 2013 4:43 pm
by 10thProtocol
Thanks, Gigasoft, that's the answer I've been looking for, excellent.

When you say PCR, do you mean Process or Processor Control Region?

Where do you find that sort of information? Any links would be gratefully appreciated. Despite one of the previous replies, I have scoured everywhere for this data.

Thanks again.