This article covers the hex encoding of the JMP instruction, which should be of some reference value to anyone solving the same problem; follow along with the editor below.

Problem description



Have a doubt regarding the hex code conversion of JMP machine instruction. I have the absolute address I want to jump to, say "JMP 0x400835". First of all, is this allowed? If yes, what would be the corresponding hex code? If not, can I first store the address in some register, say EAX and then put "JMP EAX"? I am working on x86(64b) architecture.

I have tried to print out the hex code from the disassembly output in gdb, but there is no consistency, ie, I do not see the destination address in the hex code.

I am new to hex code and machine instructions, so pardon my ignorance.

Solution

There is no jump of the form JMP absaddr to an absolute address in 64 bit mode. The operand of a jump is always a 32 bit relative displacement to rip, which gets sign extended to 64 bit.

The reason you see no consistency is possibly that the offset depends on the current instruction pointer and you didn't recognize that.

jmp eax isn't allowed either, as addresses are of course always 64 bit wide on a 64 bit architecture. A sequence mov rax, addr + jmp rax is possible, it would look like

48 c7 c0 35 08 40 00            mov rax, 0x00400835
ff e0                           jmp rax

or

48 b8 35 08 40 00 00 00 00 00   mov rax, 0x0000000000400835
ff e0                           jmp rax

How did I know these hex codes? Well, I did ask my compiler. I compiled with gcc -c and disassembled with objdump. I didn't bother to use Intel syntax, because I don't need it. So this is in AT&T syntax.

echo 'asm("mov $0x400835, %rax\n jmp *%rax\n");' > test.c   # AT&T syntax: $0x400835 is hex, $400835 would be decimal
gcc -c test.c
objdump -d test.o
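The two mov rax/jmp rax encodings listed above, plus the rip-relative displacement the answer says a direct jmp actually carries, worked through as an added Python example (not part of the original answer; the helper names are mine):

```python
import struct

def encode_mov_rax_imm(addr: int) -> bytes:
    """Encode `mov rax, addr`, choosing the shorter form when it fits.

    REX.W + C7 /0 carries a 32-bit immediate that the CPU sign-extends to
    64 bits, so it only works for values in [-2**31, 2**31) (or the high
    addresses whose upper 32 bits are all ones). Anything else needs the
    10-byte REX.W + B8 form with a full 64-bit immediate (objdump: movabs).
    """
    if not 0 <= addr < 2**64:
        raise ValueError("address does not fit in 64 bits")
    signed = addr - 2**64 if addr >= 2**63 else addr   # view as int64
    if -2**31 <= signed < 2**31:
        return b"\x48\xc7\xc0" + struct.pack("<i", signed)
    return b"\x48\xb8" + struct.pack("<Q", addr)

# FF /4 with ModRM 11 100 000 selects rax as the indirect target.
JMP_RAX = b"\xff\xe0"

def encode_jmp_rel32(rip: int, target: int) -> bytes:
    """Encode a direct `jmp target` that will sit at address `rip`.

    E9 carries a 32-bit displacement relative to the *next* instruction
    (rip + 5), which is why the bytes change whenever the jump moves and
    the absolute target never appears in the encoding.
    """
    disp = target - (rip + 5)
    if not -2**31 <= disp < 2**31:
        raise ValueError("target out of rel32 range; use mov rax / jmp rax")
    return b"\xe9" + struct.pack("<i", disp)

def hexdump(code: bytes) -> str:
    """Render bytes the way objdump prints them."""
    return " ".join(f"{b:02x}" for b in code)

if __name__ == "__main__":
    target = 0x400835                                  # address from the question
    print(hexdump(encode_mov_rax_imm(target) + JMP_RAX))
    print(hexdump(encode_mov_rax_imm(0x7FFF12345678) + JMP_RAX))
    # Same target, two different jump locations: two different encodings.
    print(hexdump(encode_jmp_rel32(0x400000, target)))
    print(hexdump(encode_jmp_rel32(0x400900, target)))
```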


09-03 06:57