Instruction decryption

Started by
3 comments, last by fearyourself 19 years, 2 months ago
Dear all,

This is a semi-technical question and I hope someone will have the answer. I want to put up a dynamic interpreter. It will take the form of a separate thread and will interpret the code of the first thread. I've been reading a little bit on the net but I still have one big problem: how do I know exactly where the instructions start, and how do I get the PC (program counter)? So basically, how do I get the instruction the program is executing? For example, it's easy to put the main thread to sleep, but then to know where it's up to and exactly what instruction it is doing...

I've checked out the structures in the /proc/ directory (yes, I'm working under Linux), but I haven't really discovered what I need...

Thanx for your help and insight,
Jc
You need to attach your program to the "target" as if it were a debugger. Can't be more specific, as I am not familiar with the functions linux provides for debugging. Take a look at ptrace(2) in the syscall man pages though.
That would work well but I was wondering if someone had a good description of the data/text segment that's in memory under the Linux system.

I found the startcode variable in the /proc/[process number]/stat but is that where the segment starts?

And does it start straight away with the first instructions or is there information first?

Jc
As far as I know, it is just the ELF binary loaded into memory.
http://www.wotsit.org/download.asp?f=elf11g
I've been playing with the ELF binary but I have a feeling it isn't loaded TOTALLY into memory.

When I follow the header information I can walk through the Section Headers, but this only works if the code is small enough. If I link an external library (like -lglut for example), then I have a feeling the binary isn't totally loaded.

This is a pain, since the text segment header for the code can normally be anywhere (though through experiments it's always the index 12). So basically I have two more questions:

- Is there a way to tell the OS to load the binary totally?

- Is there a way to know the start of the code directly? I found in /proc/[number]/stat "startcode" and "endcode", where normally that's where the code CAN be. The CAN is a bit annoying, because how do you know for sure?

Thanx again,
Jc
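Putting the two halves of this thread together (attaching to the target with ptrace(2) to read its program counter, and the startcode/endcode fields of /proc/[pid]/stat), here is an added example in C. It is not code from this thread or from any of the posters. The program forks a child that asks to be traced, reads the child's instruction pointer with PTRACE_GETREGS, fetches the bytes at that address with PTRACE_PEEKTEXT and single-steps a few instructions; a small parser pulls startcode/endcode out of a stat line, scanning from the last ')' so a process name containing spaces or parentheses does not shift the fields. The stat lines SAMPLE_STAT_LINE and SAMPLE_STAT_LINE_PARENS are constructed, not captured from a real system, and parse_stat_code_range and busy_loop are names of my own. The register-reading part assumes Linux on x86_64.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#if defined(__linux__) && defined(__x86_64__)
#include <sys/ptrace.h>
#include <sys/user.h>
#endif

/* Constructed /proc/[pid]/stat lines (not captured from a real system).
 * Field 2 (comm) sits in parentheses and may itself contain spaces or ')',
 * which is why the parser scans from the LAST ')' instead of splitting on
 * whitespace. startcode/endcode are fields 26 and 27 (see proc(5)). */
static const char SAMPLE_STAT_LINE[] =
    "4242 (my game) R 1 4242 4242 0 -1 4194560 100 0 0 0 5 1 0 0 20 0 1 0 "
    "123456 12345678 300 18446744073709551615 4194304 4198400 140737488346112";
static const char SAMPLE_STAT_LINE_PARENS[] =
    "4243 (a)b) S 1 4243 4243 0 -1 4194560 100 0 0 0 5 1 0 0 20 0 1 0 "
    "123456 12345678 300 18446744073709551615 8388608 8396800 140737488346112";

/* Returns 0 and fills startcode/endcode (addresses of the main executable's
 * text segment), or -1 if the line cannot be parsed. */
int parse_stat_code_range(const char *line, unsigned long *startcode, unsigned long *endcode)
{
    const char *p = strrchr(line, ')');
    if (!p) return -1;
    p++;                                          /* just before field 3 (state) */
    for (int field = 3; field <= 25; field++) {   /* skip fields 3..25 */
        while (*p == ' ') p++;
        if (!*p) return -1;
        while (*p && *p != ' ') p++;
    }
    char *end;
    errno = 0;
    *startcode = strtoul(p, &end, 10);            /* strtoul skips leading blanks */
    if (end == p || errno) return -1;
    p = end;
    *endcode = strtoul(p, &end, 10);
    if (end == p || errno) return -1;
    return 0;
}

#if defined(__linux__) && defined(__x86_64__)
static void busy_loop(void) { volatile unsigned long n = 0; for (;;) n++; }

int main(void)
{
    pid_t pid = fork();
    if (pid < 0) { perror("fork"); return 1; }
    if (pid == 0) {
        /* Child: ask to be traced, then stop so the parent can inspect us. */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1) { perror("PTRACE_TRACEME"); _exit(1); }
        raise(SIGSTOP);
        busy_loop();                              /* never returns; parent kills us */
    }
    int status;
    if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) { perror("waitpid"); return 1; }

    /* Where does the main executable's text live? Fields 26/27 of /proc/[pid]/stat. */
    char path[64], line[4096];
    snprintf(path, sizeof path, "/proc/%d/stat", (int)pid);
    FILE *f = fopen(path, "r");
    if (f && fgets(line, sizeof line, f)) {
        unsigned long sc, ec;
        if (parse_stat_code_range(line, &sc, &ec) == 0)
            printf("text segment of main binary: [0x%lx, 0x%lx)\n", sc, ec);
    }
    if (f) fclose(f);

    /* Read the PC, fetch the instruction bytes there, single-step, repeat. */
    for (int i = 0; i < 5; i++) {
        struct user_regs_struct regs;
        if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) == -1) { perror("PTRACE_GETREGS"); break; }
        errno = 0;
        long word = ptrace(PTRACE_PEEKTEXT, pid, (void *)regs.rip, NULL);
        if (word == -1 && errno) { perror("PTRACE_PEEKTEXT"); break; }
        unsigned long w = (unsigned long)word;
        printf("step %d: rip=0x%llx bytes=%02lx %02lx %02lx %02lx\n", i, regs.rip,
               w & 0xff, (w >> 8) & 0xff, (w >> 16) & 0xff, (w >> 24) & 0xff);
        if (ptrace(PTRACE_SINGLESTEP, pid, NULL, NULL) == -1) { perror("PTRACE_SINGLESTEP"); break; }
        if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status)) break;
    }
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return 0;
}
#else
int main(void) { puts("the ptrace demo needs Linux on x86_64"); return 0; }
#endif
```

The first few stops land inside the C library's raise(), so the printed rip will usually fall outside [startcode, endcode): those two fields describe only the main executable's text, while the code of shared libraries such as libglut is mapped elsewhere, which is why the range only "can" contain the executing instruction. The complete list of mappings, libraries included, is in /proc/[pid]/maps.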
