Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.7k views
in Technique[技术] by (71.8m points)

assembly - JMP instruction - Hex code

Have a doubt regarding the hex code conversion of JMP machine instruction. I have the absolute address I want to jump to, say "JMP 0x400835". First of all, is this allowed? If yes, what would be the corresponding hex code? If not, can I first store the address in some register, say EAX and then put "JMP EAX"? I am working on x86(64b) architecture.

I have tried to print out the hex code from the diassem output in gdb, but there is no consistency, ie, I do not see the destination address in the hex code.

I am new to hex code and machine instructions, so pardon my ignorance.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

There is no jump of the form JMP absaddr to an absolute address in 64 bit mode. The operand of a jump is always a 32 bit relative displacement to rip, which gets sign extended to 64 bit.

The reason you see no consistency is possibly that the offset depends on the the current instruction pointer and you didn't recognize that.

jmp eax isn't allowed either, as addresses are of course always 64 bit wide on a 64 bit architecture. A sequence mov rax, addr + jmp rax is possible, it would look like

48 c7 c0 35 08 40 00            mov rax, 0x00400835
ff e0                           jmp rax

or

48 b8 35 08 40 00 00 00 00 00   mov rax, 0x0000000000400835
ff e0                           jmp rax

How did I know these hex codes? Well, I did ask my compiler. I compiled with gcc -c and disassembled with objdump. I didn't bother to use Intel syntax, because I don't need it. So this is in AT&T syntax.

echo 'asm("mov $400835, %rax
 jmp *%rax
");' > test.c
gcc -c test.c
objdump -d test.o

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...