Chapter 26 Key Takeaways: Interrupts, Exceptions, and Kernel Mode
- Three distinct event types share the IDT: Hardware interrupts (asynchronous, from devices), software interrupts (intentional INT n), and exceptions (CPU-generated, synchronous). All are dispatched through the Interrupt Descriptor Table.
- The IDT has 256 entries (vectors 0–255), each 16 bytes. Vectors 0–31 are reserved by Intel for CPU exceptions. Vectors 32–255 are available for hardware IRQs and OS use. The CPU finds the IDT through the IDTR register, loaded with LIDT.
- Interrupt gates clear IF on entry; trap gates do not. Use interrupt gates (type 0xE) for hardware IRQ handlers to prevent re-entrancy. Use trap gates (type 0xF) for exceptions where you want interrupts to remain enabled.
- The 8259A PIC must be remapped from its default vectors (8–15) to vectors 32–47. Without remapping, IRQ0 (timer) would invoke the double fault handler (#DF at vector 8), catastrophically corrupting system state.
- Every hardware interrupt handler must send End-of-Interrupt (EOI) to the PIC. Without EOI, the PIC masks that IRQ line permanently. For IRQ8–15 (PIC2), EOI must be sent to both PIC2 and PIC1 (cascade).
- The CPU automatically saves state on interrupt entry. For ring-3 → ring-0 transitions: SS, RSP, RFLAGS, CS, RIP are pushed on the kernel stack. Some exceptions also push an error code. IRETQ reverses this.
- Page fault (#PF, vector 14) provides two pieces of diagnostic information: The error code (P/W/U/I bits) indicates the type of violation, and CR2 contains the faulting virtual address. These are the inputs to the kernel's page fault handler.
- Exceptions with error codes and those without require different handler stubs. The classic solution: stubs that push a dummy zero for exceptions without error codes, then a vector number, and jump to a common handler that processes both fields uniformly.
- INT3 (opcode 0xCC) is the one-byte breakpoint instruction. Debuggers write 0xCC over the first byte of any instruction to create a software breakpoint. The saved RIP points to the byte after INT3, so the debugger must decrement RIP by 1 before resuming.
- The kernel stack at interrupt time must be known and valid. The CPU loads RSP0 from the TSS when transitioning to ring 0. Critical exceptions (double fault, NMI) should use IST entries pointing to a separate emergency stack, in case the normal kernel stack is corrupt.
- The ptrace system call is the kernel mechanism behind GDB and strace. PTRACE_POKETEXT injects the 0xCC breakpoint byte; PTRACE_GETREGS reads register state; PTRACE_SINGLESTEP sets TF to execute one instruction; PTRACE_CONT resumes. Every software debugger on Linux uses these calls.
- MinOS requires IDT setup, PIC remapping, and STI before any hardware I/O can work. The keyboard driver, timer, and all other interrupt-driven subsystems depend on this foundation being correct.
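
The 16-byte IDT entry, the 0xE/0xF gate types and the IST index from the takeaways above, encoded in C as an added example (not MinOS code). The names `make_gate` and `gate_handler`, the selector 0x08 and the handler address are assumptions made for illustration; the DPL field is part of the x86-64 gate format and decides whether ring 3 may reach a vector with a software INT n.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GATE_INTERRUPT 0xE /* clears IF on entry */
#define GATE_TRAP      0xF /* leaves IF as it was */

/* One 16-byte long-mode IDT entry, in the order the CPU reads it. */
struct idt_gate {
    uint16_t offset_low;   /* handler address bits 0..15 */
    uint16_t selector;     /* kernel code segment selector */
    uint8_t  ist;          /* bits 0..2: IST index, 0 = no stack switch via IST */
    uint8_t  type_attr;    /* P (bit 7) | DPL (bits 5..6) | type (bits 0..3) */
    uint16_t offset_mid;   /* handler address bits 16..31 */
    uint32_t offset_high;  /* handler address bits 32..63 */
    uint32_t reserved;     /* must be zero */
} __attribute__((packed));
_Static_assert(sizeof(struct idt_gate) == 16, "IDT entries are 16 bytes");

/* Build a present gate. dpl is the least privileged ring allowed to raise
 * the vector with INT n / INT3; dpl 0 makes a ring-3 INT n fault with #GP. */
struct idt_gate make_gate(uint64_t handler, uint16_t selector,
                          uint8_t type, uint8_t dpl, uint8_t ist)
{
    struct idt_gate g;
    memset(&g, 0, sizeof g);
    g.offset_low  = (uint16_t)(handler & 0xFFFF);
    g.offset_mid  = (uint16_t)((handler >> 16) & 0xFFFF);
    g.offset_high = (uint32_t)(handler >> 32);
    g.selector    = selector;
    g.ist         = ist & 0x7;
    g.type_attr   = (uint8_t)(0x80 | ((dpl & 0x3) << 5) | (type & 0xF));
    return g;
}

/* Reassemble the handler address, as a tool auditing an IDT dump would. */
uint64_t gate_handler(const struct idt_gate *g)
{
    return (uint64_t)g->offset_low | ((uint64_t)g->offset_mid << 16) |
           ((uint64_t)g->offset_high << 32);
}

int main(void)
{
    /* Constructed values: double fault (vector 8) on IST1, ring 0 only. */
    struct idt_gate df = make_gate(0xFFFFFFFF80123456ULL, 0x08, GATE_INTERRUPT, 0, 1);
    printf("attr=0x%02X ist=%u handler=0x%llX\n", (unsigned)df.type_attr,
           (unsigned)df.ist, (unsigned long long)gate_handler(&df));
    return 0;
}
```

When auditing an IDT, any gate with DPL 3 other than the deliberately user-reachable ones (such as the breakpoint vector) deserves a second look.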