Re: Let me know EIP address

[Paolo Ornati]

On Tue, 04 Jan 2005 16:18:02 +0100
Lethalman <lethalman@xxxxxxxxxxxx> wrote:

> I'm trying to get the EIP value from a simple program in C but i don't
> how to do it. I need it to know the current address position on the
> code segment.
> 
> main() {
>    long *eip;
>    asm("mov %%eip,%0" : "=g"(eip));
>    printf("%p\n", eip);
> }
> 
> Unfortunately EIP is not that kind of register :P
> Does anyone know how to get EIP?


IA-32 Intel® Architecture
    Software Developer's
                    Manual
                    Volume 1:
            Basic Architecture


3.5. INSTRUCTION POINTER

[...]

The EIP register cannot be accessed directly by software; it is
controlled implicitly by control- transfer instructions (such as JMP,
Jcc, CALL, and RET), interrupts, and exceptions. The only way to read
the EIP register is to execute a CALL instruction and then read the
value of the return instruction pointer from the procedure stack. The
EIP register can be loaded indirectly by modifying the value of a return
instruction pointer on the procedure stack and executing a return
instruction (RET or IRET). See Section 6.2.4.2., "Return Instruction
Pointer".

[...]

-- 
	Paolo Ornati
	Gentoo Linux (kernel 2.6.10-cko2)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/