Understanding %rip register in intel assembly

Question

Concerning the following small code, which was illustrated in another post about the size of structures and all the possibilities to align data correctly:

struct
{
    char  Data1;   /* offset 0 */
    short Data2;   /* offset 2 (1 byte of padding before it) */
    int   Data3;   /* offset 4 */
    char  Data4;   /* offset 8, then 3 bytes of tail padding */
} x;               /* sizeof(x) == 12, the 0xc returned below */

unsigned fun ( void )
{
    x.Data1=1;
    x.Data2=2;
    x.Data3=3;
    x.Data4=4;
    return(sizeof(x));
}

I get the corresponding disassembly (64-bit):

0000000000000000 <fun>:
   0:   55                      push   %rbp
   1:   48 89 e5                mov    %rsp,%rbp
   4:   c6 05 00 00 00 00 01    movb   $0x1,0x0(%rip)        # b <fun+0xb>
   b:   66 c7 05 00 00 00 00    movw   $0x2,0x0(%rip)        # 14 <fun+0x14>
  12:   02 00 
  14:   c7 05 00 00 00 00 03    movl   $0x3,0x0(%rip)        # 1e <fun+0x1e>
  1b:   00 00 00 
  1e:   c6 05 00 00 00 00 04    movb   $0x4,0x0(%rip)        # 25 <fun+0x25>
  25:   b8 0c 00 00 00          mov    $0xc,%eax
  2a:   5d                      pop    %rbp
  2b:   c3                      retq   

I don't know how to calculate the terms located on the right, which seem to be the addresses of the local variables used. Moreover, I don't know how to calculate them with the %rip register.

Could you give an example which shows the link between %rip and %rsp or %rbp, i.e. especially in the computation of addresses when I use mov instructions?

Answer

RIP addressing is always relative to the RIP (64-bit instruction pointer) register, so it can be used for global variables only. The 0 offset is equal to the address of the instruction following the RIP-addressed instruction. For example:

   mov  al,[rip+2]                     al=53
   jmp  short next   (length=2 bytes)   
db 53
next:
   mov  bl,[rip-7]   (length=6 bytes)  bl=53

You wouldn't normally mix data right in with your code, except as an immediate, but this shows what would happen if you actually ran code with very small offsets.

In your code you cannot see and check the offsets (you see four zeros) because you disassembled a .o. Use objdump -drwC to show symbol names / relocations when disassembling. They will be filled in by the linker when you link this object into an executable.

Example for accessing locals relative to rbp:

push rbp          ; save the caller's rbp
mov  rbp,rsp      ; rbp = frame pointer: [rbp] = saved rbp, [rbp+8] = return address
sub  rsp,64       ; reserve 64 bytes for local variables
mov  rax,[rbp+16] ; rax = first stack-passed qword parameter, if any (pushed last, nearest the return address)
mov  rdx,[rbp+8]  ; rdx = return address
mov  rcx,[rbp-8]  ; rcx = first qword local variable (uninitialized at this point)
mov  r8, [rbp-16] ; r8  = second qword local variable (uninitialized at this point)
.
.
mov rsp,rbp
pop rbp
ret
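
As an added example (not from the question or the answer), the following Python recomputes objdump's `# b <fun+0xb>` annotations from the raw bytes in the listing above, checks the answer's `[rip+2]` / `[rip-7]` example, and shows the displacement the linker writes into the four zero bytes; the linked addresses it uses are made up.

```python
import re
import struct

# Constructed input: the question's four RIP-relative stores, with objdump's
# continuation lines (e.g. "12:   02 00") folded into the instruction's line.
OBJDUMP_LINES = """\
   4:   c6 05 00 00 00 00 01    movb   $0x1,0x0(%rip)
   b:   66 c7 05 00 00 00 00 02 00    movw   $0x2,0x0(%rip)
  14:   c7 05 00 00 00 00 03 00 00 00    movl   $0x3,0x0(%rip)
  1e:   c6 05 00 00 00 00 04    movb   $0x4,0x0(%rip)
"""
LINE_RE = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2}\s)+)\s*([a-z]+)\s+(\S+)")

def rip_relative_target(addr, insn):
    """Effective address of a [RIP+disp32] operand, or None if there is none.
    Minimal decoder: skip 0x66/REX prefixes, one-byte opcode, then ModRM;
    mod=00 r/m=101 (0x05) means RIP-relative. RIP is the address of the
    *next* instruction, so target = addr + len(insn) + signed disp32."""
    i = 0
    while insn[i] == 0x66 or 0x40 <= insn[i] <= 0x4F:
        i += 1
    if insn[i + 1] & 0xC7 != 0x05:
        return None
    return addr + len(insn) + struct.unpack("<i", insn[i + 2:i + 6])[0]

def annotate(listing):
    """Recompute objdump's '# <target>' comment for every (%rip) operand."""
    results = []
    for m in filter(None, map(LINE_RE.match, listing.splitlines())):
        addr, insn = int(m.group(1), 16), bytes.fromhex(m.group(2))
        if "(%rip)" in m.group(4):
            results.append((addr, m.group(3), rip_relative_target(addr, insn)))
    return results

def disp32_for(insn_addr, insn_len, symbol_addr):
    """Value the linker writes into the 4 zero bytes: symbol minus next RIP."""
    disp = symbol_addr - (insn_addr + insn_len)
    if not -2**31 <= disp < 2**31:
        raise ValueError("symbol outside the +/-2 GiB RIP-relative range")
    return disp

if __name__ == "__main__":
    for addr, mnem, target in annotate(OBJDUMP_LINES):
        print(f"{addr:4x}: {mnem:<5} # {target:x} <fun+0x{target:x}>")
    # The answer's code/data example, hand-encoded (constructed bytes):
    #   0: 8a 05 02 00 00 00  mov al,[rip+2]  next RIP = 6,  6 + 2 = 8 (db 53)
    #   9: 8a 1d f9 ff ff ff  mov bl,[rip-7]  next RIP = 15, 15 - 7 = 8
    print(rip_relative_target(0, bytes.fromhex("8a0502000000")),
          rip_relative_target(9, bytes.fromhex("8a1df9ffffff")))
    # Linked with the first movb at 0x40112a and x at 0x404028 (made-up addresses):
    print(hex(disp32_for(0x40112a, 7, 0x404028)))  # 0x2ef7
```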
