example code
Code: Select all
8000 ld A,1
8002 ld (8006),A
8004 nop
8005 ld A, 123
8007 jp 8000
8000 marked as executed code
8002 marked as executed code, 8005 is marked as written data
8004 marked as executed code
8005 marked as executed code (and it is also written, so we can conclude that code is self-modified)
8007 marked as executed code
8000 marked as executed code (again)
final magic
8002 marked as executed code, 8005 as written data (again) and as soon as 8005 was also marked as executed code earlier - we mark 8002 as mutator code
After that we can just analyze memory map to find mutators or to make our decision that code is not self-modifying.