需要帮助理解E8汇编调用指令的x86 [英] Need help understanding E8 asm call instruction x86

问题描述

我需要一个伸出援助之手，以了解以下汇编指令。在我看来，我停靠someUnknownValue + = 20994A？

一个地址

  E8 32F6FFFF  - 调用的std :: _ Init_locks ::运算符= + 20994A
 

解决方案

无论您使用的是获得反汇编努力是有帮助的，通过​​给呼叫是从它知道一些符号偏移的目标 - - 但鉴于偏移量是如此之大，它可能是困惑

的呼叫的实际目标可以计算如下：

• E8 是呼叫用相对偏移。


• 在32位code段，偏移指定为符号的32位值。


• 此值是little-endian字节顺序。


• 偏移是从下一条指令的地址进行测量。

例如

 ＆LT;有的地址＆gt; E8 32 F6 FF FF呼叫＆LT;＆某处GT;
＆LT;有的地址＆gt; +5（下一条指令）
 

• 偏移量是 0xFFFFF632 。

PTED为有符号32位值
• 国米$ P $，这是 -0x9CE 。


• 的呼叫指令在＆LT;有的地址＆gt; ，是5个字节长;下一条指令是＆LT;有的地址＆gt; + 5 。


• 所以调用的目标地址是＆LT;有的地址＆gt; + 5 - 0x9CE
。

I need a helping hand in order to understand the following assembly instruction. It seems to me that I am calling a address at someUnknownValue += 20994A?

E8 32F6FFFF - call std::_Init_locks::operator=+20994A

解决方案

Whatever you're using to obtain the disassembly is trying to be helpful, by giving the target of the call as an offset from some symbol that it knows about -- but given that the offset is so large, it's probably confused.

The actual target of the call can be calculated as follows:

• E8 is a call with a relative offset.
• In a 32-bit code segment, the offset is specified as a signed 32-bit value.
• This value is in little-endian byte order.
• The offset is measured from the address of the following instruction.

e.g.

<some address>       E8 32 F6 FF FF         call <somewhere>
<some address>+5     (next instruction)

• The offset is 0xFFFFF632.
• Interpreted as a signed 32-bit value, this is -0x9CE.
• The call instruction is at <some address> and is 5 bytes long; the next instruction is at <some address> + 5.
• So the target address of the call is <some address> + 5 - 0x9CE.

这篇关于需要帮助理解E8汇编调用指令的x86的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！