So there is "int 3" which is an interrupt instruction used for breakpoints in debuggers.
But then there is also "int 1" which is used for single stepping. But why is this needed? I've read that setting the Trap Flag (TF) in EFLAGS register will enable single stepping and will trap into the OS for each instruction. So why is a separate interrupt type needed?
Thanks!
int 3 is a special 1-byte interrupt. Invoking it will break into the debugger if one is present, otherwise the application will typically crash.
When the debugger sets the trap flag, this causes the processor to automatically execute an int 1 interrupt after every instruction. This allows the debugger to single-step by instructions, without having to insert an int 3 instruction. You do not have to invoke this interrupt explicitly.