
Format of the jmp instruction

December 5, 2013 ⁄ General

A jmp simply transfers control to another location and continues executing there.

1. There are several different encodings for jumps, but some of the most commonly used ones are PC-relative. That is, they encode the difference between the address of the target instruction and the address of the instruction immediately following the jump. These offsets can be encoded using one, two, or four bytes.

Relative addressing: "relative" here means the distance measured from the instruction immediately following the jmp, not from the jmp itself.

2. A second encoding method is to give an "absolute" address, using four bytes to directly specify the target. The assembler and linker select the appropriate encodings of the jump destinations.

Absolute addressing.

Example

Assembly code

1      jle .L4                   If <, goto dest2
2      .p2align 4,,7             Aligns next instruction to multiple of 8
3  .L5:                          dest1:
4      movl %edx,%eax
5      sarl $1,%eax
6      subl %eax,%edx
7      testl %edx,%edx
8      jg .L5                    If >, goto dest1
9  .L4:                          dest2:
10     movl %edx,%eax

Machine code in the object file (before linking)

1    8: 7e 11                  jle 1b <silly+0x1b>      Target = dest2
2    a: 8d b6 00 00 00 00      lea 0x0(%esi),%esi       Added nops
3   10: 89 d0                  mov %edx,%eax            dest1:
4   12: c1 f8 01               sar $0x1,%eax
5   15: 29 c2                  sub %eax,%edx
6   17: 85 d2                  test %edx,%edx
7   19: 7f f5                  jg 10 <silly+0x10>       Target = dest1
8   1b: 89 d0                  mov %edx,%eax            dest2:

In line 1, the byte 0x11 is the relative offset. Adding it to the address of the instruction that follows the jle gives 0x11 + 0x0a = 0x1b, which is the address of dest2 within the object file.

In line 7, the byte 0xf5 is the relative offset, and it is a negative value (0xf5 as a signed byte is -0x0b). Adding it to the address of the following instruction gives 0xf5 + 0x1b = 0x10 (the sum is truncated to the low byte), which is the address of dest1 within the object file.

Machine code after linking

1  80483c8: 7e 11                  jle 80483db <silly+0x1b>
2  80483ca: 8d b6 00 00 00 00      lea 0x0(%esi),%esi
3  80483d0: 89 d0                  mov %edx,%eax
4  80483d2: c1 f8 01               sar $0x1,%eax
5  80483d5: 29 c2                  sub %eax,%edx
6  80483d7: 85 d2                  test %edx,%edx
7  80483d9: 7f f5                  jg 80483d0 <silly+0x10>
8  80483db: 89 d0                  mov %edx,%eax

After linking, the jump targets shown in the disassembly become absolute addresses, but the machine code bytes themselves (0x11 and 0xf5) still hold the relative offsets and are unchanged.

By using a PC-relative encoding of the jump targets, the instructions can be compactly encoded (requiring just two bytes), and the object code can be shifted to different positions in memory without alteration.
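The offset arithmetic worked through above, as an added example that is not part of the original post: a small Python decoder/encoder for PC-relative displacements, run on the jump bytes from the listings. It assumes, as the text states, that the displacement is measured from the instruction following the jump; the function names, the 32-bit address wraparound and the "does not fit" check are my own choices for the example.

```python
# Added example (not from the original post): decode and encode x86
# PC-relative jump displacements, checked against the bytes in the
# listings above (jle at 0x8 = 7e 11, jg at 0x19 = 7f f5).
# Assumption: the displacement is relative to the *next* instruction.

def rel_target(insn_addr, insn_len, disp, width):
    """Target address of a PC-relative jump.
    insn_addr: address of the jump instruction itself
    insn_len:  encoded length of the jump (opcode + displacement)
    disp:      raw displacement as read from the instruction bytes
    width:     displacement size in bytes (1, 2 or 4)
    """
    bits = 8 * width
    # Reinterpret the raw bytes as two's-complement, so 0xf5 is -0x0b.
    if disp & (1 << (bits - 1)):
        disp -= 1 << bits
    next_addr = insn_addr + insn_len
    return (next_addr + disp) & 0xFFFFFFFF      # 32-bit address space

def rel_disp(insn_addr, insn_len, target, width):
    """Displacement bytes (as an unsigned int) for target; raises if the
    distance does not fit in `width` bytes, which is the situation where
    the assembler would have to pick a wider encoding."""
    bits = 8 * width
    disp = target - (insn_addr + insn_len)
    if not -(1 << (bits - 1)) <= disp < (1 << (bits - 1)):
        raise ValueError(f"displacement {disp:#x} does not fit in {width} byte(s)")
    return disp & ((1 << bits) - 1)

def decode_jcc_rel8(addr, code):
    """Decode a two-byte conditional jump (opcodes 0x70..0x7f) at addr.
    Returns (mnemonic, target); only the two jumps on this page are named."""
    names = {0x7e: "jle", 0x7f: "jg"}
    opcode, disp = code[0], code[1]
    if not 0x70 <= opcode <= 0x7f:
        raise ValueError(f"not a short conditional jump: {opcode:#x}")
    return names.get(opcode, f"jcc_{opcode:02x}"), rel_target(addr, 2, disp, 1)

if __name__ == "__main__":
    # Same bytes, before and after the linker places silly at 0x80483c0.
    print(decode_jcc_rel8(0x08, bytes([0x7e, 0x11])))        # ('jle', 0x1b)
    print(decode_jcc_rel8(0x19, bytes([0x7f, 0xf5])))        # ('jg', 0x10)
    print(hex(rel_target(0x80483c8, 2, 0x11, 1)))            # 0x80483db
    print(hex(rel_target(0x80483d9, 2, 0xf5, 1)))            # 0x80483d0
    # A target 0x200 bytes away needs the 4-byte form (constructed case).
    print(hex(rel_disp(0x0, 5, 0x200, 4)))                   # 0x1fb
```

Running the block shows that the two offset bytes decode to the same function-relative targets whether the code sits at 0x0 or at 0x80483c0, which is exactly why the linker leaves them untouched.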
