asm volatile("mov %%eip,%0":"=r"(var));
을 컴파일하게 되면 Bad register name "%eip" 라는 메세지가 출력된다.
직접적으로 EIP 를 접근하지 못하기 때문인데 다음과 같은 코드를 사용하면된다.
asm ("call 1f \n\t" "1:pop %0" : "=r"(var));
출처 : http://stackoverflow.com/questions/4062403/how-to-check-the-eip-value-with-assembly-language
Since EIP is the program counter, there's no way to access it directly (i.e. it can't be used as the source of a MOV instruction).
There are two ways to access it indirectly:
- Use an interrupt and get the saved
EIPfrom the stack, - Use a specially crafted function that fetches its return address (the saved
EIP) from the stack.
See http://www.programmersheaven.com/mb/x86_asm/357735/357735/get-the-value-of-eip/#357740.
WRITTEN BY
- RootFriend
개인적으로... 나쁜 기억력에 도움되라고 만들게되었습니다.
,
