Reading the value of IP

dncprogrammer · December 10, 2006, 05:58:50 PM

How would one go about reading the value of the current IP? I know that it cannot be directly modified but it should be readable, right?
jon

Synfire · December 11, 2006, 12:53:21 AM

Use the "delta" method to obtain the IP.

Code Select

call $+5
pop cx

CX now contains the IP because when a call is made the IP of the next instruction is pushed onto the stack to be used by 'ret', we just pop it off.

MichaelW · December 11, 2006, 07:26:52 AM

jon,

For most purposes the current value of IP is not very meaningful, because the value changes with each instruction that is executed. Debuggers stepping through code need to read and save the value of IP for the next instruction to be executed, but between the interrupt call that passes control to the debugger and the point at which the next instruction is executed, the saved value is not the current value.

sinsi · December 11, 2006, 08:04:34 AM

Quote from: Synfire on December 11, 2006, 12:53:21 AM
Use the "delta" method to obtain the IP.

Code Select Expand
call $+5 pop cx

CX now contains the IP because when a call is made the IP of the next instruction is pushed onto the stack to be used by 'ret', we just pop it off.

In 16-bit DOS land, you would use

Code Select


  call $+3
  pop cx

and this would have the IP of the "pop cx" instruction in CX.

dncprogrammer · December 11, 2006, 04:00:20 PM

Thanks guys! Pure curiosity, just pure curiosity. :)
jon

Rockphorr · December 11, 2006, 05:46:14 PM

A using $ is discourage.

call GetIP
GetIP:
pop AX; or BX or etc.

dncprogrammer · December 11, 2006, 09:38:59 PM

Ok guys, lets see if I get this idea. What if I was to jump to some code, it runs out and needs to return to where it left. Maybe the parent code isn't always in the same place in memory. Instead of setting up and interrupt or something like that to guide it back home could I just do something like the following?

Start: ...some code...
...which decides...
...to launch some other program to 0910h...
...then jump to it...

jmp 0910h:0000h ; jump to it and when it's done return to this next line
jmp Start ; <----------------------------------

Is this goofy or is this relevant?
jon

MichaelW · December 11, 2006, 11:22:00 PM

Assuming you control the code at the destination, using far jumps should work OK, although AFAIK MASM will not accept a constant as the jump destination. It would probably be easier to use a far call and return:

Code Select


.model small
.386
.stack
.data
    farptr dd 0
.code
.startup
    push cs
    pop WORD PTR farptr+2     ; segment address of destination
    push OFFSET dest
    pop WORD PTR farptr       ; offset address of destination
    call DWORD PTR farptr     ; force a far call
    mov ah, 2
    mov dl, "Y"
    int 21h
    mov ah, 0
    int 16h
    .exit
  dest:
    mov ah, 2
    mov dl, "X"
    int 21h
    retf                      ; force a far return
end

P1 · December 12, 2006, 02:36:16 PM

You could approach this like profiling. Run the timer interupt with code to inspect the return value of where it came from.

Regards, P1 :8)

News:

Reading the value of IP

dncprogrammer

Synfire

MichaelW

sinsi

dncprogrammer

Rockphorr

dncprogrammer

MichaelW

P1