What does an asterisk * before an address mean in x86-64 AT&T assembly?

故里飘歌 2020-12-15 17:11

What does the following line mean:

...
401147: ff 24 c5 80 26 40 00    jmpq   *0x402680(,%rax,8)
...

What does the asterisk in front of the

7 answers
  • 2020-12-15 17:13

    It's AT&T assembly syntax:

    • source comes before destination
    • mnemonic suffixes indicate the size of the operands (q for quad, etc.)
    • registers are prefixed with % and immediate values with $
    • effective addresses are in the form DISP(BASE, INDEX, SCALE) (DISP + BASE + INDEX * SCALE)
    • absolute jump/call operands indicated with * (as opposed to IP relative)

    So, you have a jmpq for jumping to the absolute address which is stored in %rax * 8 + 0x402680, and is a quad word long.

  • 2020-12-15 17:17

    jmpq is just an unconditional jump to a given address. The 'q' means that we're dealing with quad words (64 bits long).

    *0x402680(,%rax,8): This is a way to write an address in x86 assembly. You are correct in saying that usually there is a register before the first comma, but you still follow the same rules if no register is specified.

    The format works this way: D(reg1, reg2, scalingFactor) where D stands for displacement. Displacement is basically just an integer. reg1 is the first or base register. reg2 is the second register and scalingFactor is one of 2, 4, 8 (maybe even 1, but I'm not sure about that). Now, you can obtain your address by simply adding the values in this way: Displacement + (value at reg1) + scalingFactor*(value at reg2).

    I'm not completely sure as to what the asterisk in front of the address is for, but my guess is that it means that the displacement value is stored at that address.

    Hope this helps.

  • 2020-12-15 17:22

    Actually this is a computed table jmp, where 0x402680 is the address of the table and rax is the index of an 8-byte (qword) pointer.

  • 2020-12-15 17:22

    As Necrolis wrote, Intel syntax makes it a bit more obvious, but RTN is really clearer. The line

    jmpq   *0x402680(,%rax,8)
    

    would be described in RTN by:

    RIP <- M[0x402680 + (8 * RAX)]
    

    where M is the system memory.

    As such, we can write the general form jmpq *c(r1, r2, k), where c is an immediate constant, r1 and r2 are general purpose registers and k is either 1 (default), 2, 4 or 8:

    RIP <- M[c + r1 + (k * r2)]
    
  • 2020-12-15 17:23

    Getting things into Intel syntax always makes stuff clearer:

    FF24C5 80264000  JMP QWORD PTR [RAX*8+402680]
    
  • 2020-12-15 17:23

    It's a jump to an address contained in memory. The address is stored in memory at address rax*8+0x402680, where rax is the current rax value (when this instruction executes).

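The answers above describe three things: how DISP(BASE,INDEX,SCALE) is turned into an address, what the `*` adds (the operand names the location of the target, RTN `RIP <- M[c + r1 + k*r2]`), and how the same operand reads in Intel syntax. The following Python is an added example, not code from any of the answers: it parses an AT&T memory operand, computes the effective address, renders it in Intel syntax, and resolves a `jmpq *...` through a constructed jump table. The table address 0x402680 comes from the question; the case and default labels, and the register-indirect forms it does not handle (e.g. `*%rax`), are assumptions of this example. It also models the bounds check (`cmp`/`ja`) a compiler places in front of a switch table, which is what keeps an out-of-range index from loading a pointer from beyond the table.

```python
import re
import struct

# Added example, not from the thread. Models what `jmpq *0x402680(,%rax,8)` does
# against a constructed jump table; every address except 0x402680 is made up.

_OPERAND_RE = re.compile(
    r"^(?P<star>\*)?"                                     # '*' = jump *through* the operand
    r"(?P<disp>-?0x[0-9a-fA-F]+|-?\d+)?"                  # DISP (numeric only here)
    r"(?:\((?P<base>%\w+)?"                               # (BASE
    r"(?:,(?P<index>%\w+)(?:,(?P<scale>[1248]))?)?\))?$"  # ,INDEX,SCALE)
)


class UnmappedRead(Exception):
    """Raised when a load touches memory the image does not cover."""


def parse_att_operand(text):
    """Split an AT&T operand such as '*0x402680(,%rax,8)' into its parts.
    Register-only forms like '*%rax' are not handled by this example."""
    m = _OPERAND_RE.match(text.strip())
    if not m or not (m.group("disp") or m.group("base") or m.group("index")):
        raise ValueError(f"not an AT&T memory operand: {text!r}")
    return {
        "indirect": m.group("star") is not None,
        "disp": int(m.group("disp"), 0) if m.group("disp") else 0,
        "base": m.group("base"),
        "index": m.group("index"),
        "scale": int(m.group("scale") or 1),   # SCALE defaults to 1 when omitted
    }


def effective_address(op, regs):
    """DISP + BASE + INDEX*SCALE, wrapped to 64 bits like the CPU does."""
    ea = op["disp"]
    if op["base"]:
        ea += regs[op["base"]]
    if op["index"]:
        ea += regs[op["index"]] * op["scale"]
    return ea & 0xFFFFFFFFFFFFFFFF


def to_intel(op):
    """Render the same operand in Intel syntax, e.g. 'QWORD PTR [RAX*8+0x402680]'."""
    parts = []
    if op["base"]:
        parts.append(op["base"][1:].upper())
    if op["index"]:
        idx = op["index"][1:].upper()
        parts.append(idx if op["scale"] == 1 else f"{idx}*{op['scale']}")
    if op["disp"] or not parts:
        parts.append(f"{op['disp']:#x}")
    return "QWORD PTR [" + "+".join(parts).replace("+-", "-") + "]"


TABLE_ADDR = 0x402680                                      # from the question
CASE_TARGETS = [0x401150, 0x40116A, 0x401184, 0x40119E]    # constructed case labels
DEFAULT_TARGET = 0x4011B0                                  # constructed 'default:' label
# Memory image: {start_address: bytes}. The table is four little-endian qword pointers.
MEMORY_IMAGE = {TABLE_ADDR: b"".join(struct.pack("<Q", t) for t in CASE_TARGETS)}


def read_qword(memory, addr):
    """Load M[addr .. addr+8] as an unsigned little-endian integer."""
    for start, data in memory.items():
        if start <= addr and addr + 8 <= start + len(data):
            return struct.unpack_from("<Q", data, addr - start)[0]
    raise UnmappedRead(f"8-byte read at {addr:#x} is outside the image")


def resolve_jmp(operand, regs, memory):
    """Target RIP of `jmpq OPERAND`: with '*' it is M[EA] (RTN: RIP <- M[c + r1 + k*r2]);
    without '*' the operand itself is the destination."""
    op = parse_att_operand(operand)
    ea = effective_address(op, regs)
    return read_qword(memory, ea) if op["indirect"] else ea


def dispatch(index, memory):
    """The guarded sequence a compiler emits around a 4-case table jump:
         cmp   $3, %rax
         ja    .Ldefault          # unsigned compare, so a negative index is also rejected
         jmpq  *0x402680(,%rax,8)
    Without the guard, an index past the table would load whatever lies beyond it."""
    if (index & 0xFFFFFFFFFFFFFFFF) > len(CASE_TARGETS) - 1:
        return DEFAULT_TARGET
    return resolve_jmp("*0x402680(,%rax,8)", {"%rax": index}, memory)


if __name__ == "__main__":
    op = parse_att_operand("*0x402680(,%rax,8)")
    print("Intel:", to_intel(op))
    for rax in range(5):
        try:
            target = resolve_jmp("*0x402680(,%rax,8)", {"%rax": rax}, MEMORY_IMAGE)
            print(f"rax={rax}: RIP <- {target:#x}")
        except UnmappedRead as e:
            print(f"rax={rax}: {e}; guarded dispatch -> {dispatch(rax, MEMORY_IMAGE):#x}")
```

Running it shows `rax=0..3` resolving to the four case labels through the table, while `rax=4` reads past the 32-byte table and faults in the model; the `dispatch` wrapper sends it to the default label instead, which is the behaviour the `cmp`/`ja` pair in front of a real table jump provides.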