Working on an example: state assumptions
parent
4143216317
commit
a10def8e4c
1 changed files with 26 additions and 11 deletions
37
slides.tex
37
slides.tex
|
@ -16,6 +16,7 @@
|
|||
\usepackage{pifont}
|
||||
\usepackage{multirow}
|
||||
\usepackage[many]{tcolorbox}
|
||||
\usepackage[absolute,overlay]{textpos}
|
||||
|
||||
\usepackage{texlib/my_listings}
|
||||
\usepackage{texlib/specific}
|
||||
|
@ -325,17 +326,31 @@ Segmentation fault.
|
|||
\begin{frame}
|
||||
\newcommand{\firsttblrows}{
|
||||
\tblrowval{\hspace{-2ex}<{\bf foo}>:}{}{\textbf{CFA}}{\textbf{ra}}
|
||||
\rowonly<3>{\tblhl{}} \tblrowval{push}{\%r15}{rsp+8}{c-8}
|
||||
\rowonly<4>{\tblhl{}} \tblrowval{push}{\%r14}{rsp+16}{c-8}
|
||||
\rowonly<5>{\tblhl{}} \tblrowval{mov}{\$0x3,\%eax}{rsp+24}{c-8}
|
||||
\rowonly<6>{\tblhl{}} \tblrowval{push}{\%r13}{rsp+24}{c-8}
|
||||
\rowonly<4>{\tblhl{}} \tblrowval{push}{\%r15}{rsp+8}{c-8}
|
||||
\rowonly<5>{\tblhl{}} \tblrowval{push}{\%r14}{rsp+16}{c-8}
|
||||
\rowonly<6>{\tblhl{}} \tblrowval{mov}{\$0x3,\%eax}{rsp+24}{c-8}
|
||||
\rowonly<7>{\tblhl{}} \tblrowval{push}{\%r13}{rsp+24}{c-8}
|
||||
\tblrowval{push}{\%r12}{rsp+32}{c-8}
|
||||
\tblrowval{push}{\%rbp}{rsp+40}{c-8}
|
||||
\tblrowval{push}{\%rbx}{rsp+48}{c-8}
|
||||
\tblrowval{sub}{\$0x68,\%rsp}{rsp+56}{c-8}
|
||||
}
|
||||
|
||||
\only<-8>{
|
||||
|
||||
{\only<3>{
|
||||
\begin{textblock*}{0.90\textwidth}[0.5,0.5](0.5\paperwidth,0.5\paperheight)%
|
||||
\begin{tcolorbox}[halign=center, colframe=red, colback=Lavender]
|
||||
\large
|
||||
\alert{\bf Assumptions:}
|
||||
\begin{itemize}
|
||||
\item the assembly is was generated by a compiler
|
||||
\item which also generated unwinding data
|
||||
\item and I have a reliable DWARF parser
|
||||
\end{itemize}
|
||||
\end{tcolorbox}
|
||||
\end{textblock*}
|
||||
}}
|
||||
\only<-9>{
|
||||
\begin{table}
|
||||
\ttfamily\large
|
||||
\begin{tabularx}{0.9\linewidth}{
|
||||
|
@ -353,16 +368,16 @@ Segmentation fault.
|
|||
\blknote{
|
||||
\centering
|
||||
\begin{overlayarea}{0.9\textwidth}{4.8ex}
|
||||
\only<3>{Upon function call, \alert{ra = *(\reg{rsp})}}
|
||||
\only<4>{\texttt{push} decreases \reg{rsp} by 8: %
|
||||
\only<4>{Upon function call, \alert{ra = *(\reg{rsp})}}
|
||||
\only<5>{\texttt{push} decreases \reg{rsp} by 8: %
|
||||
\alert{ra = *(\reg{rsp} + 8)}}
|
||||
\only<5>{and again: %
|
||||
\only<6>{and again: %
|
||||
\alert{ra = *(\reg{rsp} + 16)}}
|
||||
\only<6>{This \texttt{mov} leaves \reg{rsp} untouched: %
|
||||
\only<7>{This \texttt{mov} leaves \reg{rsp} untouched: %
|
||||
\alert{ra = *(\reg{rsp} + 16)}}
|
||||
\only<7>{The unwinding table captures an \alert{abstract execution}
|
||||
\only<8>{The unwinding table captures an \alert{abstract execution}
|
||||
of the code\ldots}
|
||||
\only<8>{\ldots and thus can be \alert{synthesized from the binary}.}
|
||||
\only<9>{\ldots and thus can be \alert{synthesized from the binary}.}
|
||||
\end{overlayarea}
|
||||
}
|
||||
}
|
||||
|
|
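Review bot: The first item of the new Assumptions box has a typo, `\item the assembly is was generated by a compiler`, which should read `\item the assembly was generated by a compiler`. In the same box, `\alert{\bf Assumptions:}` uses the obsolete `\bf` switch; `\alert{\textbf{Assumptions:}}` would match the `\textbf{CFA}` already used in this frame's table header. The outer braces in `{\only<3>{ ... }}` appear redundant, and the box is given slide 3 by renumbering every later `\rowonly<n>` and `\only<n>` by hand, so a short comment above it such as `% assumptions overlay occupies slide 3; table walkthrough starts at slide 4` would help the next edit keep the numbers in sync. Since the closing overlay concludes that the table can be synthesized from the binary, it may be worth saying (in the box or in speaker notes) that this holds only under the listed assumptions, e.g. not for hand-written assembly. The frame starts before and ends after the visible hunks, so the total overlay count could not be checked from here.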