Those things about CPU registers (5): the instruction register

eip: The instruction register can be said to be the most important register in the CPU. It holds the address where the next instruction to be executed is stored. The CPU's job is essentially to fetch the instruction that ip points to and execute it, while the instruction register moves on to point to the next instruction. Repeating this cycle is how the CPU carries out its main task of executing instructions.

PS: If the next instruction pointed to by ip is modified, what will happen?

Dumbfounded...

This can be achieved by modifying the code (cs) section of the binary file. Common examples are virus-infected files, cracked software, etc.

Back then, I was curious and cracked a lot of software. That sense of achievement felt good, but it was never used for commercial purposes; it was purely for my own entertainment. The method used to crack the software was to modify the instruction sequence that ip follows (or modify the instructions and data) by modifying the CS section of the binary file.

Of course, when tracking down the cause of a process crash, if no core file is generated, the ip register becomes particularly important (see one of the several troubleshooting articles I have written before: https://blog.csdn.net/lianshaohua/article/details/107642136).
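As an added example (not code from this post or the linked article): when no core file exists, the Linux kernel log usually still records the faulting ip, and that one value can be turned into an offset inside the crashed module. The Python below assumes the classic x86 `segfault at ... ip ... error ...` log line format; the `triage` function name and the sample lines are constructed for illustration.

```python
import re

# Assumed input: the classic Linux x86 "segfault" line from the kernel log (dmesg).
SEGFAULT_RE = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<module>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

# x86 page-fault error code: (bit, meaning if set, meaning if clear)
ERR_BITS = [
    (0x01, "protection violation", "page not present"),
    (0x02, "write", "read"),
    (0x04, "user mode", "kernel mode"),
    (0x10, "instruction fetch", None),
]

def triage(line):
    """Return the crash facts recoverable from one segfault line, or None."""
    m = SEGFAULT_RE.search(line)
    if m is None:
        return None
    ip, addr, err = (int(m[k], 16) for k in ("ip", "addr", "err"))
    report = {
        "comm": m["comm"], "pid": int(m["pid"]), "ip": ip, "fault_addr": addr,
        "cause": [s if err & bit else c for bit, s, c in ERR_BITS if err & bit or c],
        "module": m["module"], "offset": None,
        # ip == fault address on an instruction fetch means ip itself was bad
        # (e.g. a call through a null or corrupted function pointer).
        "bad_ip": ip == addr and bool(err & 0x10),
    }
    if m["module"]:
        base, size = int(m["base"], 16), int(m["size"], 16)
        if base <= ip < base + size:
            # Offset inside the mapping that contains ip; add the mapping's file
            # offset (if non-zero) before giving it to a symbolizer like addr2line.
            report["offset"] = ip - base
    return report

# Constructed sample lines, not taken from a real system.
SAMPLES = [
    "[ 8123.4410] demo_srv[4321]: segfault at 10 ip 000055d0c1a2b6f4 "
    "sp 00007ffc0d3e1a90 error 4 in demo_srv[55d0c1a2a000+3000]",
    "[ 8150.0020] demo_srv[4377]: segfault at 0 ip 0000000000000000 "
    "sp 00007ffc0d3e1a88 error 14",
]

if __name__ == "__main__":
    for line in SAMPLES:
        r = triage(line)
        print(r["comm"], r["pid"], hex(r["ip"]), r["cause"], r["module"],
              None if r["offset"] is None else hex(r["offset"]), r["bad_ip"])
```

The second sample has no `in module[...]` part because ip did not fall inside any mapping, which is itself a sign that control flow was redirected to an invalid address rather than a normal data access failing.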

Similarly, under the x64 architecture, the 32-bit eip is upgraded to the 64-bit rip register.


Origin blog.csdn.net/lianshaohua/article/details/109241346