问题
In a disassembled program I'm analyzing, I found the command
sar %eax
What does this do? I know that sar with two arguments performs a right shift, but I can't find what it means with only one parameter.
This program was compiled for an Intel x86 processor.
回答1:
Looks like the dissembler used short-hand for SAR EAX,1 which has an opcode of 0xD1F8. when the immediate is not 1, aka SAR EAX,xx, the opcode is 0xC1F8 xx, see the Intel Instruction reference, Vol. 2B, 4-353.
回答2:
When there is only one operand the implied shift is 1.
So....
SAR %EAX implies signed %EAX >> 1
therefor,
SAR %eax = SAR $1, %eax
I have successfully proven this analyzing some code in GDB.
来源:https://stackoverflow.com/questions/12813962/sar-command-in-x86-assembly-with-one-parameter