Код (Text): public _KiSystemCallExitBranch public _KiSystemCallExit public _KiSystemCallExit2 public _KiSystemCallExit3 ; NoRestoreVolatiles is only used for return from System Service. ; If returning to Kernel mode, the processor state does not need ; to be altered (CS, CPL stays the same etc), so simply unwind the ; kernel frame and branch to the saved EIP. test dword ptr [esp+4], MODE_MASK ; If the following branch is taken, we are returning to usermode. ; If this processor supports the SYSEXIT instruction, the branch ; will be adjusted at boot time to use the appropriate code sequence. _KiSystemCallExitBranch: jnz short _KiSystemCallExit ; Exit to kernel mode from system call, faster than IRETD, ; unwind the frame and branch to return address. pop edx ; get eip pop ecx ; remove CS from stack popfd ; restore eflags jmp edx _KiSystemCallExit: iretd ; return _KiSystemCallExit2: test dword ptr [esp+8], EFLAGS_TF jne short _KiSystemCallExit pop edx ; pop EIP add esp, 4 ; Remove CS and dword ptr [esp], NOT EFLAGS_INTERRUPT_MASK ; Disable interrupts in the flags popfd pop ecx ; pop ESP sti ; sysexit does not reload flags iSYSEXIT
Верно ли утверждение, что функция scanf() для ввода использует системный сервис ядра ZwRequestWaitReplyPort?
scanf -> vscanf -> _input_l -> _inc -> _getche_nolock -> _getch_nolock -> ReadConsoleInput -> CsrClientCallServer -> NtRequestWaitReplyPort
