disassembly | 易学教程

How can I see parse tree, intermediate code, optimization code and assembly code during COMPILATION?

阅读更多关于 How can I see parse tree, intermediate code, optimization code and assembly code during COMPILATION?

I am studying Compilers course, compilation of program follows below steps Lexical analysis Syntax analysis Semantic analysis Intermediate code generation Code optimization Target code generation. How can I see output of each step e.g I want to see parse tree after syntax analysis. I am compiling program on Linux machine with GCC compiler. We can see assembly code of the program by using -Wa compiler option in gcc, similarly is there options to see Tokens, Parse tree and Inetmediate code. While you can use the -fdump-tree-all and -fdump-rtl-all options in gcc, I don't think that their output

Could not load file or assembly 'AssemblyName PublicKeyToken=null' or one of its dependencies

阅读更多关于 Could not load file or assembly 'AssemblyName PublicKeyToken=null' or one of its dependencies

问题 {"Could not load file or assembly 'AssemblyName, PublicKeyToken=null' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)":"AssemblyName, PublicKeyToken=null"} I'm getting the message in question as an InnerException.Message while trying to debug my application after signing the unsigned third-party assemblies it is using. The weird thing is that I have already signed the assembly shown in the

Methods to nail down 16 bit CRC/Checksum algorithm used by Windows CE executable?

阅读更多关于 Methods to nail down 16 bit CRC/Checksum algorithm used by Windows CE executable?

问题 I need to reverse engineer CRC/Checksum algorithm implemented by windows CE executable. Being propritory protocol, it does not say anything about CRC/checksum algorithm. However, There is console interface that reports correct/calculated checksum and I can construct my own messages with random bits if message protocol is correct: I have observed that, Changing single bit in message changes checksum bytes completely. Algorithm seems to be position dependent as I fed some single 1 bit messages

Long multi-byte NOPs: commonly understood macros or other notation

阅读更多关于 Long multi-byte NOPs: commonly understood macros or other notation

问题 It's not a big secret that x86 (and x86_64) processors have not only the single-byte NOP instruction, but also various types of multi-byte NOP-like instructions. There's the ones I've managed to find: Recommended by AMD, ref. AMD Software Optimization Guide for AMD Family 15h Processors, document #47414, section 5.8 "Code Padding with Operand-Size Override and Multibyte NOP", page 94) 90 NOP1_OVERRIDE_NOP 6690 NOP2_OVERRIDE_NOP 0f1f00 NOP3_OVERRIDE_NOP 0f1f4000 NOP4_OVERRIDE_NOP 0f1f440000

How to write a disassembler? [closed]

阅读更多关于 How to write a disassembler? [closed]

I'm interested in writing an x86 dissembler as an educational project. The only real resource I have found is Spiral Space's, " How to write a disassembler ". While this gives a nice high level description of the various components of a disassembler, I'm interested in some more detailed resources. I've also taken a quick look at NASM's source code but this is somewhat of a heavyweight to learn from. I realize one of the major challenges of this project is the rather large x86 instruction set I'm going to have to handle. I'm also interested in basic structure, basic disassembler links, etc. Can

Why is the stack filled with 0xCCCCCCCC

阅读更多关于 Why is the stack filled with 0xCCCCCCCC

问题 I'm currently disassembling some small C programs made in Visual Studio 2012 Express, and i've noticed a trend amongst the binaries. The first set of instructions executed in the main function are always: SUB ESP,154 ; Doesn't have to be 0x154. ..... ..... ..... LEA EDI,DWORD PTR SS:[EBP-154] MOV ECX,55 ; Also doesn't have to be 0x55. MOV EAX,CCCCCCCC REP STOS DWORD PTR ES:[EDI] So, why does the machine fill the stack with this 0xCCCCCCCC? I've read that it is used by VC++, or something, as a

Is there a disassembler + debugger for java (ala OllyDbg / SoftICE for assembler)?

阅读更多关于 Is there a disassembler + debugger for java (ala OllyDbg / SoftICE for assembler)?

问题 Is there a utility similar to OllyDbg / SoftICE for java? I.e. execute class (from jar / with class path) and, without source code, show the disassembly of the intermediate code with ability to step through / step over / search for references / edit specific intermediate code in memory / apply edit to file... If not, is it even possible to write something like this (assuming we're willing to live without hotspot for the debug duration)? Edit: I'm not talking about JAD or JD or Cavaj. These

Why does this memory address %fs:0x28 ( fs[0x28] ) have a random value?

阅读更多关于 Why does this memory address %fs:0x28 ( fs[0x28] ) have a random value?

问题 I've written a piece of C code and I've disassembled it as well as read the registers to understand how the program works in assembly. int test(char *this){ char sum_buf[6]; strncpy(sum_buf,this,32); return 0; } The piece of my code that I've been examining is the test function. When I disassemble the output my test function I get ... 0x00000000004005c0 <+12>: mov %fs:0x28,%rax => 0x00000000004005c9 <+21>: mov %rax,-0x8(%rbp) ... stuff .. 0x00000000004005f0 <+60>: xor %fs:0x28,%rdx

How can I see the assembly code for a C++ program?

阅读更多关于 How can I see the assembly code for a C++ program?

How can I see the assembly code for a C++ program? What are the popular tools to do this? Employed Russian Ask the compiler If you are building the program yourself, you can ask your compiler to emit assembly source. For most UNIX compilers use the -S switch. If you are using the GNU assembler, compiling with -g -Wa,-alh will give intermixed source and assembly on stdout ( -Wa asks compiler driver to pass options to assembler, -al turns on assembly listing, and -ah adds "high-level source" listing): g++ -g -c -Wa,-alh foo.cc For Visual Studio, use /FAsc . Peek into the binary If you have

How Math.Pow (and so on) actually works

阅读更多关于 How Math.Pow (and so on) actually works

So I was googling for a long time and i found almost nothing. I found some info about possible implementation of Math.Pow from this url , but they are inaccurate, for example this code public static double PowerA(double a, double b) { int tmp = (int)(BitConverter.DoubleToInt64Bits(a) >> 32); int tmp2 = (int)(b * (tmp - 1072632447) + 1072632447); return BitConverter.Int64BitsToDouble(((long)tmp2) << 32); } static void Main(string[] args) { double x = 12.53, y = 16.45; Console.WriteLine(Math.Pow(x, y)); Console.WriteLine(PowerA(x, y)); } provides output: 1,15158266266297E+18 8,9966384455562E+17