Saturday, April 24, 2010
Monday, April 12, 2010
In user mode, QEMU uses a static code generation buffer, 32 MB in size.
In ./exec.c, line 408, the comment says:
Currently it is not recommended to allocate big chunks of data in
user mode. It will change when a dedicated libc will be used
but I don't know why. Why not use mmap, as system mode does?
First create an exit basic block, then remove the pass.
Now focus on indirect branches; what needs to be known is the address of the first argument.
FP->getPassName()
lib/CodeGen/StackProtector.cpp
DefaultJITMemoryManager
lib/CodeGen/LLVMTargetMachine.cpp:
LLVMTargetMachine::addPassesToEmitMachineCode
LLVMTargetMachine::addCommonCodeGenPasses
=============================
Prevent spill-register code gen.
Enable emitting an epilog for branches and indirect branches.
=============================
The fault is here: 0x40095872: mov (%edx),%eax
%edx holds the address init_stack+c; the value stored there
is already put in place in loader_exec!
After create_elf_tables()!
After loader_build_argptr()!
After put_user_ual(stringp, envp)!
Segment selector format:

| 15 ... 3 | 2 | 1 0 |
|---|---|---|
| index | TI | RPL |

- TI, table indicator:
  - 0 means the selector indexes into the GDT
  - 1 means the selector indexes into the LDT
- RPL, privilege level. Linux uses only two privilege levels:
  - 0 means kernel
  - 3 means user

Examples:
- Kernel code segment
  - TI=0, index=1, RPL=0, therefore selector = 0x08 (GDT[1])
- User data segment
  - TI=1, index=2, RPL=3, therefore selector = 0x17 (LDT[2])
Wednesday, April 7, 2010
Tuesday, April 6, 2010
What are the meanings of the CF, OF and AF flags in EFLAGS?
CF: This flag indicates an overflow condition for unsigned-integer arithmetic.
Set if an arithmetic operation generates a carry or a borrow out of the most-significant bit of the result; cleared otherwise.
OF: This flag indicates an overflow condition for signed-integer (two's complement) arithmetic.
Set if the integer result is too large a positive number or too small a negative number (excluding the sign bit) to fit in the destination operand; cleared otherwise.
AF: This flag is used in binary-coded decimal (BCD) arithmetic.
Set if an arithmetic operation generates a carry or a borrow out of bit 3 of the result; cleared otherwise.
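As an added example (not code from the original post), the C below computes CF, AF and OF for 8-bit ADD and SUB exactly as the three definitions describe, so the difference between unsigned overflow (CF) and signed overflow (OF) can be checked on concrete operands. The CC_* constants use the EFLAGS bit positions (CF bit 0, AF bit 4, OF bit 11); the struct and function names are my own.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit positions of the flags in EFLAGS: CF = bit 0, AF = bit 4, OF = bit 11. */
#define CC_C 0x0001u
#define CC_A 0x0010u
#define CC_O 0x0800u

struct alu8 { uint8_t value; unsigned flags; };   /* 8-bit result + flag mask */

/* ADD: CF/AF are carries out of bit 7 / bit 3; OF is signed overflow. */
struct alu8 add8(uint8_t a, uint8_t b)
{
    struct alu8 out = { (uint8_t)(a + b), 0 };
    if ((unsigned)a + b > 0xFFu)                    /* carry out of bit 7 */
        out.flags |= CC_C;
    if ((a & 0x0Fu) + (b & 0x0Fu) > 0x0Fu)          /* carry out of bit 3 (BCD digit) */
        out.flags |= CC_A;
    if (((a ^ out.value) & (b ^ out.value) & 0x80u) != 0)  /* same sign in, other sign out */
        out.flags |= CC_O;
    return out;
}

/* SUB (a - b): CF/AF are borrows out of bit 7 / bit 3; OF is signed overflow. */
struct alu8 sub8(uint8_t a, uint8_t b)
{
    struct alu8 out = { (uint8_t)(a - b), 0 };
    if (a < b)                                      /* borrow out of bit 7 */
        out.flags |= CC_C;
    if ((a & 0x0Fu) < (b & 0x0Fu))                  /* borrow out of bit 3 */
        out.flags |= CC_A;
    if (((a ^ b) & (a ^ out.value) & 0x80u) != 0)   /* signs differ in, result sign != a's */
        out.flags |= CC_O;
    return out;
}

static void show(const char *op, uint8_t a, uint8_t b, struct alu8 r)
{
    printf("%s 0x%02X,0x%02X -> 0x%02X  CF=%d AF=%d OF=%d\n", op, (unsigned)a, (unsigned)b,
           (unsigned)r.value, !!(r.flags & CC_C), !!(r.flags & CC_A), !!(r.flags & CC_O));
}

int main(void)
{
    show("add", 0x7F, 0x01, add8(0x7F, 0x01));  /* AF=1 OF=1: 127+1 leaves the signed range */
    show("add", 0xFF, 0x01, add8(0xFF, 0x01));  /* CF=1 AF=1: 255+1 leaves the unsigned range */
    show("sub", 0x80, 0x01, sub8(0x80, 0x01));  /* AF=1 OF=1: -128-1 leaves the signed range */
    return 0;
}
```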