Tags: assembly, x86, nasm, reverse-engineering

What does *%gs:0x10 do in assembler?


What does following syntax do in GASM?

*%gs:0x10

I know that call *%gs:0x10 will call __kernel_vsyscall, but I don't know what *%register:value does.

Its NASM equivalent looks like this: call DWORD PTR gs:0x10


Solution

  • It's a near absolute indirect (FF /2) call to the target of the pointer in gs:0x10.
    Note that gs is a selector register, not a general purpose register (see Protected mode).
    The instruction reads the DWORD at the offset 0x10 (relative to segment gs) and makes a call to its value.
    A direct call would have another effect entirely, possibly involving call gates.


    gs:0x10 is where libc copies the address of __kernel_vsyscall during its initialization.

    The AT&T syntax for the control transfer instructions is

    Branch addressing using registers or memory operands must be prefixed by a '*'. To specify a "far" control transfer, an 'l' must be prefixed, as in ljmp, lcall, etc. For example,

    GAS syntax          NASM syntax
    ==========          ===========
    
    jmp *100            jmp  near [100]
    call *100           call near [100]
    jmp *%eax           jmp  near eax
    call *%ecx          call near ecx
    jmp *(%eax)         jmp  near [eax]
    call *(%ebx)        call near [ebx]
    ljmp *100           jmp  far  [100]
    lcall *100          call far  [100]
    ljmp *(%eax)        jmp  far  [eax]
    lcall *(%ebx)       call far  [ebx]
    ret                 retn
    lret                retf
    lret $0x100         retf 0x100
    

    Segment-offset pointers are specified using the following format:

    jmp $segment, $offset
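As an added illustration (not part of the answer above): a small Python encoder/decoder for the 32-bit near indirect call/jmp forms in the table, showing that `call *%gs:0x10` assembles to the FF /2 opcode with a gs segment-override prefix (0x65) followed by a ModRM byte selecting a plain disp32 operand, and how a disassembler reads those bytes back. The subset handled (register, (%reg), and absolute disp32 with an optional segment override) is my own choice for the example; it is not an assembler.

```python
import re
import struct

REGS32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]   # ModRM rm/reg numbering
SEG_PREFIX = {"es": 0x26, "cs": 0x2E, "ss": 0x36, "ds": 0x3E, "fs": 0x64, "gs": 0x65}
PREFIX_SEG = {v: k for k, v in SEG_PREFIX.items()}
EXT = {"call": 2, "jmp": 4}   # ModRM reg field: FF /2 = near indirect call, FF /4 = near indirect jmp

def encode_indirect(insn: str) -> bytes:
    """Assemble one AT&T near indirect 'call *x' / 'jmp *x' (32-bit mode) into machine code."""
    mnem, operand = insn.split()
    if mnem not in EXT or not operand.startswith("*"):
        raise ValueError("only near indirect call/jmp forms ('*' operand) are handled")
    ext, operand = EXT[mnem], operand[1:]
    if m := re.fullmatch(r"%(\w+)", operand):            # jmp *%eax -> mod=11, rm=reg
        return bytes([0xFF, 0xC0 | (ext << 3) | REGS32.index(m.group(1))])
    if m := re.fullmatch(r"\(%(\w+)\)", operand):        # call *(%ebx) -> mod=00, rm=reg
        r = REGS32.index(m.group(1))
        if r in (4, 5):                                  # esp needs a SIB byte, ebp a disp8
            raise ValueError("(%esp)/(%ebp) need SIB/disp forms not handled here")
        return bytes([0xFF, (ext << 3) | r])
    # absolute disp32, optionally with a segment override: jmp *100, call *%gs:0x10
    if m := re.fullmatch(r"(?:%(\w+):)?(0x[0-9a-fA-F]+|\d+)", operand):
        prefix = bytes([SEG_PREFIX[m.group(1)]]) if m.group(1) else b""
        modrm = (ext << 3) | 0x05                        # mod=00, rm=101 -> disp32, no base reg
        return prefix + bytes([0xFF, modrm]) + struct.pack("<I", int(m.group(2), 0))
    raise ValueError(f"unsupported operand: {operand}")

def decode_indirect(code: bytes) -> str:
    """Disassemble the same subset back to AT&T text (segment prefix, FF, ModRM, disp32)."""
    seg = PREFIX_SEG.get(code[0])                        # optional segment-override prefix
    i = 1 if seg else 0
    if code[i] != 0xFF:
        raise ValueError("not an FF-group instruction")
    modrm = code[i + 1]
    mod, ext, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    mnem = {2: "call", 4: "jmp"}.get(ext)
    if mnem is None:
        raise ValueError(f"FF /{ext} is not a near indirect call/jmp")
    if mod == 3:                                         # register operand
        return f"{mnem} *%{REGS32[rm]}"
    if mod == 0 and rm == 5:                             # disp32 absolute address
        (disp,) = struct.unpack("<I", code[i + 2:i + 6])
        return f"{mnem} *%{seg}:{disp:#x}" if seg else f"{mnem} *{disp:#x}"
    if mod == 0:                                         # (%reg) with no displacement
        return f"{mnem} *(%{REGS32[rm]})"
    raise ValueError("addressing form outside the handled subset")
```

`encode_indirect("call *%gs:0x10")` yields `65 ff 15 10 00 00 00`, the same bytes objdump prints for that instruction in a 32-bit libc.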