Absolute addressing for runtime code replacement in x86_64


Problem description

I'm currently using some code replace scheme in 32 bit where the code which is moved to another position, reads variables and a class pointer. Since x86_64 does not support absolute addressing I have trouble getting the correct addresses for the variables at the new position of the code. The problem in detail is, that because of rip relative addressing the instruction pointer address is different than at compile time.

So is there a way to use absolute addressing in x86_64 or another way to get addresses of variables not instruction pointer relative?

Something like: leaq variable(%%rax), %%rbx would also help. I only want to have no dependency on the instruction pointer.

Recommended answer

Try using the large code model for x86_64. In gcc this can be selected with -mcmodel=large. The compiler will use 64 bit absolute addressing for both code and data.

You could also add -fno-pic to disallow the generation of position independent code.

I built a small test app with -mcmodel=large and the resulting binary contains sequences like

400b81:       48 b9 f0 30 60 00 00    movabs $0x6030f0,%rcx
400b88:       00 00 00 
400b8b:       49 b9 d0 09 40 00 00    movabs $0x4009d0,%r9
400b92:       00 00 00 
400b95:       48 8b 39                mov    (%rcx),%rdi
400b98:       41 ff d1                callq  *%r9

which is a load of an absolute 64 bit immediate (in this case an address) followed by an indirect call or an indirect load. The instruction sequence

movabs $variable, %rbx
addq %rax, %rbx

is the equivalent to a "leaq offset64bit(%rax), %rbx" (which doesn't exist), with some side effects like flag changing etc.
