Implementation of Win32 API

Let's see how the Win32 API is implemented. You know there are thousands of Win32 API functions. When an application calls one of them, how is the call handled? The Win32 API is implemented as a set of dynamically linked libraries (DLLs), and the code that handles the API calls lives in these libraries.

There are two types of libraries: statically linked libraries and dynamically linked libraries. When your application uses a function implemented in a statically linked library, the linker copies the code for that function from the library into your application's executable after compilation, so your program can use it at runtime. A function implemented in a DLL, on the other hand, is not placed inside your application's executable. Instead, at runtime the DLL is loaded into the process address space (the memory space of the process), and the function you used is imported into the process.

A Windows process has a table called the import address table, where the addresses of the imported functions are stored. Every function your application uses from a DLL is listed there with its address, so when the function is called at runtime, its address can be found in this table and the call succeeds.

So, all the Win32 API functions are implemented in DLLs. The API functions for process management, file management and memory management are in kernel32.dll. User interface handling functions are in user32.dll. Several other DLLs also implement the Win32 API, such as shell32.dll, psapi.dll etc. You know that an API function is a service provided by the operating system to user-level processes.
If you have studied operating systems, you should know that the services provided by the operating system are called "system calls" and that they are handled in kernel mode. But as you can see, the Win32 API is implemented in DLLs, so its functions run in user mode, not in kernel mode. So not all Win32 API functions are true system calls. Some API calls are handled entirely in user space, while others use one or more true system calls to get the work done.

Let's see step by step how a Win32 API call works. When an application starts, the loader loads all the necessary DLLs into the new process's address space and fills the import address table. When the program calls an API function, it finds the address of that function in the import address table and calls it, so the code in the DLL that handles the function executes. If the function can be handled entirely in user space, the code in the DLL does not need to make any actual system calls. If the task cannot be completed entirely in user space, such as creating a new process or writing to a file, the DLL makes the appropriate system calls. When an actual system call is made, the process switches from user mode to kernel mode and the kernel handles the system call. After the system call is completed, control returns to the code in the DLL and the process switches back to user mode. Then, after the API function call completes, control returns to the place where the API call was made.
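
The loader and call-site steps described above, modelled in Python as an added example (not code from the original page). It goes slightly beyond the text by showing the PE32 import descriptor layout the loader reads; the sample image is constructed, the export addresses and helper names are hypothetical, and imports by ordinal are not handled.

```python
import struct
# Hypothetical load addresses; a real loader reads them from each DLL's export table.
EXPORTS = {"kernel32.dll": {"CreateFileA": 0x76001000, "WriteFile": 0x76002000},
           "user32.dll": {"MessageBoxA": 0x75003000}}

def build_image(imports):
    """Constructed sample: PE32-style import data in one blob, where RVA == offset."""
    img = bytearray(20 * (len(imports) + 1))   # descriptors plus all-zero terminator
    def put(data):
        rva = len(img)
        img.extend(data)
        return rva
    for i, (dll, funcs) in enumerate(imports.items()):
        names = [put(b"\0\0" + f.encode() + b"\0") for f in funcs]  # hint + name
        thunks = struct.pack(f"<{len(funcs) + 1}I", *names, 0)      # zero-terminated
        ilt, iat, name = put(thunks), put(thunks), put(dll.encode() + b"\0")
        struct.pack_into("<5I", img, 20 * i, ilt, 0, 0, name, iat)
    return img

def cstr(img, rva):
    return bytes(img[rva:img.index(0, rva)]).decode()

def walk_imports(img, desc=0):
    """Yield (dll, function, rva_of_iat_slot) for every by-name import."""
    while True:
        ilt, _, _, name, iat = struct.unpack_from("<5I", img, desc)
        if not (ilt or name or iat):            # all-zero descriptor ends the list
            return
        while thunk := struct.unpack_from("<I", img, ilt)[0]:
            yield cstr(img, name), cstr(img, thunk + 2), iat   # +2 skips the hint
            ilt, iat = ilt + 4, iat + 4
        desc += 20

def bind(img, exports):
    """Loader step: overwrite each IAT slot with the imported function's address."""
    for dll, func, slot in list(walk_imports(img)):
        struct.pack_into("<I", img, slot, exports[dll][func])

def iat_lookup(img, dll, func):
    """Call-site step: read the address stored in the function's IAT slot."""
    for d, f, slot in walk_imports(img):
        if (d, f) == (dll, func):
            return struct.unpack_from("<I", img, slot)[0]
    raise KeyError(f"{dll}!{func}")

if __name__ == "__main__":
    image = build_image({"kernel32.dll": ["CreateFileA", "WriteFile"]})
    bind(image, EXPORTS)
    print(hex(iat_lookup(image, "kernel32.dll", "WriteFile")))
```

Before `bind` runs, each IAT slot still holds the RVA of the function's name entry, which is how the table looks in the file on disk; afterwards it holds the address a call site jumps through.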