stackoom
  简体   繁体   中英

Getting instruction given address pointed by the instruction pointer

 原文  2012-01-29 08:51:44       c/ assembly/ x86/ ia-32

Question

I am working on this code where, I need to get the instructions executed by a program, given the instruction pointers. Assume for now that I have a mechanism that provides me addresses of the instructions, would it be possible to get the opcode from this (on an IA32 instruction set) ?

2 answers

solution1
 2  2012-01-29 09:03:25

If you are looking for hardware supported help, that's not how it works. This needs to be done in software. Your code needs a table of opcodes and instructions and just has to perform a lookup.

What you describe is known as disassembly. There are many open source disassemblers and if you could use one of those it would make your task very simple. Look here: http://en.wikibooks.org/wiki/X86_Disassembly/Disassemblers_and_Decompilers

solution2
 2 ACCPTED  2012-01-29 09:54:38

You need an in memory disassembler, such as BeaEngine or DiStorm , these can be passed a memory address to read from, just make sure the address is readable. If you know the length in bytes of the function, its a little better to use the Run-Length-Dissassemblers also provided on those sites.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Getting the saved instruction pointer address from a signal handler Translate Instruction Pointer Address (in shared library) to Source Instruction Why is the address of static variables relative to the Instruction Pointer? Unreadable instruction at address C instruction address what is the address pointed by file pointer? Creating a struct at address pointed by pointer Assembly Jump Instruction Address Calculation Assigning address for instruction in object file Getting the value inside a pointer pointed by another pointer?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM