opcode

I need to read instructions one-by-one from a small code segment in memory and I have to find out the size of the instructions which I have in memory. The following is just a example of raw disassembled code to explain my problem: (gdb) disas /r 0x400281,+8 Dump of assembler code from 0x400281 to 0x400289: 0x0000000000400281: 48 89 c7 movq %rax, %rdi 0x0000000000400284: b0 00 movb $0, %al 0x0000000000400286: e8 f2 48 00 00 callq 0x10001f30a End of assembler dump. I know the memory address of the first instruction (p = 0x0000000000400281 in this case) and I can read every memory address from p.

following this instructions I have managed to produce only 528 bytes in size a.out (when gcc main.c gave me 8539 bytes big file initially). main.c was: int main(int argc, char** argv) { return 42; } but I have built a.out from this assembly file instead: main.s: ; tiny.asm BITS 64 GLOBAL _start SECTION .text _start: mov eax, 1 mov ebx, 42 int 0x80 with: me@comp# nasm -f elf64 tiny.s me@comp# gcc -Wall -s -nostartfiles -nostdlib tiny.o me@comp# ./a.out ; echo $? 42 me@comp# wc -c a.out 528 a.out because I need machine code I do: objdump -d a.out a.out: file format elf64-x86-64 Disassembly of

I would like to translate X86_64, x86, ARM executables into LLVM IR (disassembly). What solution do you suggest ? mcsema is a production-quality binary lifter. It takes x86 and x86-64 and statically "lifts" it to LLVM IR. It's actively maintained, BSD licensed, and has extensive tests and documentation. https://github.com/trailofbits/mcsema Consider using RevGen tool developed within the S2E project . It allows converting x86 binaries to LLVM IR. The source code could be checked out from Revgen branch of GIT repository available by url https://dslabgit.epfl.ch/git/s2e/s2e.git . As regards to

In Java's String class, the trim method contains this: int off = offset; /* avoid getfield opcode */ char[] val = value; /* avoid getfield opcode */ I'm a bit puzzled by the comment "avoid getfield opcode" ... What does this mean? (I take it this avoids the use of getfield in the bytecode but why is this a Good Thing [TM]?) Is it to prevent object creation in case trim doesn't do anything (and hence this is returned) or? My guess is that the point is to copy the values into local variables once, to avoid having to fetch the field value repeatedly from the heap for each iteration of the loop in