堆栈内存溢出
  简体   繁体   English

C函数逐步完成自己的组装

[英]C Function to Step through its own Assembly

 原文  2017-11-27 18:59:59       c/ assembly

问题描述

I am wondering if there is a way to write a function in a C program that walks through another function to locate an address that an instruction is called. 我想知道是否有一种方法可以在C程序中编写一个可以遍历另一个函数以找到指令被调用地址的函数。

For example, I want to find the address that the ret instruction is used in the main function. 例如,我要查找在主要功能中使用ret指令的地址。

My first thoughts are to make a while loop that begins at "&main()" and then looping each time increments the address by 1 until the instruction is "ret" at the current address and returning the address. 我的第一个想法是进行一个while循环,该循环从“&main()”开始,然后每次循环都将地址递增1,直到指令在当前地址处“ ret”并返回该地址。

1 个解决方案

解决方案1
 4  2017-11-27 19:19:27

It is certainly possible to write a program that disassembles machine code. 当然,可以编写反汇编机器代码的程序。 (Obviously, this is architecture-specific. A program like this works only for the architectures it is designed for.) And such a program could take the address of its main routine and examine it. (显然,这是特定于体系结构的。此类程序仅适用于其设计的体系结构。)这样的程序可以获取其main例程的地址并进行检查。 (In some C implementations, a pointer to a function is not actually the address of the code of the function. However, a program designed to disassemble code would take this into an account.) (在某些C实现中,指向函数的指针实际上并不是该函数代码的地址。但是,设计为反汇编代码的程序会将其考虑在内。)

This would be a task of considerable difficulty for a novice. 对于新手来说,这将是一个相当困难的任务。

Your program would not increment the address by one byte between instructions. 您的程序不会在指令之间将地址增加一个字节。 Many architectures have a fixed instruction size of four bytes, although other sizes are possible. 许多架构的固定指令大小为四个字节,尽管其他大小也是可能的。 The x86-64 architecture (known by various names) has variable instruction sizes. x86-64体系结构(有各种名称)具有可变的指令大小。 Disassembling it is fairly complicated. 拆卸它是相当复杂的。 As part of the process of disassembling an instruction, you have to figure out how big it is, so you know where the next instruction is. 在分解一条指令的过程中,您必须弄清楚它的大小,以便知道下一条指令在哪里。

In general, though, it is not always feasible to determine which return instruction is the one executed by main when it is done. 但是,一般而言,确定哪一条返回指令是main执行完的返回指令并不总是可行的。 Although functions are often written in a straightforward way, they may jump around. 尽管函数通常以简单的方式编写,但它们可能会跳来跳去。 A function may have multiple return statements. 一个函数可能具有多个return语句。 Its code may be in multiple non-contiguous places, and it might even share code with other functions. 它的代码可能在多个不连续的地方,甚至可能与其他功能共享代码。 (I do not know if this is common practice in common compilers, but it could be.) And, of course main might not ever return (and, if the compiler detects this, it might not bother writing a return instruction at all). (我不知道这在普通的编译器中是否是惯例,但可能是。)而且,当然main可能永远不会返回(并且,如果编译器检测到这一点,它可能根本不会编写返回指令)。

(Incidentally, there is a mathematical proof that it is impossible to write a program that always determines whether a program terminates or not. This is called the Halting Problem .) (顺便说一句,有数学上的证明,不可能编写总是确定程序是否终止的程序。这称为暂停问题 。)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 内联C汇编破坏了自己的变量 - Inline C assembly clobbers its own variables Gdb逐步完成从C编译的objdump的汇编输出 - Gdb step through assembly output of objdump from C compiled 每个 function 是否在 c 中都有自己的堆栈? - Does every function get its own stack in c? 如何让 function 在 C 中返回自己的类型? - How can I make a function return its own type in C? 函数可以在c11中使用其自己的地址吗? - Can a function use its own address in c11? C中的可移植函数(没有汇编)返回其堆栈帧的大小 - Portable function in C (with no assembly) that returns the size of its stack frame 在c/c++中通过其在内存中的地址调用函数 - Calling a function through its address in memory in c / c++ C段错误的汇编功能 - assembly function with C segfault 调用 C 中的 function 进行组装 - Call function in C to Assembly c函数的汇编代码 - assembly code of the c function
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM