
Target destination of a JE branch instruction, given its machine code and starting address


I'm reading the textbook Randal E. Bryant, David R. O’Hallaron - Computer Systems. A Programmer’s Perspective [3rd ed.] (2016, Pearson)

I came across this question and I am not sure how the authors obtained the answer.

In the following excerpts from a disassembled binary, some of the information has been replaced by Xs. 
Answer the following questions about these instructions. (You do not need to know anything about the callq instruction here.)
What is the target of the je instruction below?

    40042f: 74 F4                je  XXXXXX
    400431: 5D                   pop %rbp

The answer given is as follows: [answer from the textbook]

Could someone help explain why the explanation is as such? I am unsure how they obtained the -12 and the 0xf4 values, and why they would be needed to calculate the target of the je instruction here.


Solution

  • The jump instruction with immediate value is relative, meaning it jumps X bytes forwards or backwards, not to an absolute address, so the address of the instruction itself (or the following one, see below) has importance.

    The offset operand is signed, and it's one byte long (because 74 is the short jump instruction, allowing a jump range between -128 and +127, the range of a signed 8-bit integer). 0xF4 is therefore negative (its leftmost bit has the value -0x80 rather than +0x80, and it's set); it equals -0xC (because 0xF4 - 0x100 = -0xC), or in decimal -12. As the explanation says:

    (since 0xf4 is the 1-byte two's-complement representation of -12)

    How they obtained 0xF4 in the first place: From the instruction (74 F4 - the 74 is the opcode for je short and the F4 is the offset).

    Now, the target of a jump is calculated by adding the offset to the address of the next instruction, in this case 0x400431. (You can imagine the processor first reading the instruction, causing the instruction pointer to be advanced past the end of the instruction to the start of the next one, and only then applying the jump forwards or backwards from the current position of the instruction pointer.)

    So, 0x400431 - 0xC = 0x400425.

    Note: The extra 0x in 0x0x400431 is apparently a typo in the book, it has no meaning.
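As an added illustration (not part of the answer above or of the textbook), here is a small Python decoder that applies the rule the answer describes to the book's bytes: target = address of the next instruction + sign-extended displacement. It also handles the rel32 near-jump forms, which follow the same rule with a longer instruction and a 4-byte displacement.

```python
# Added example (not from the book or the answer): decode an x86-64 relative jump
# and compute its target as next-instruction address + sign-extended displacement.

# Condition-code mnemonics in opcode order (0x70+cc for rel8, 0x0F 0x80+cc for rel32).
CC_NAMES = ["jo", "jno", "jb", "jae", "je", "jne", "jbe", "ja",
            "js", "jns", "jp", "jnp", "jl", "jge", "jle", "jg"]


def rel8_to_int(byte: int) -> int:
    """One byte as a signed two's-complement displacement: 0xF4 -> -12."""
    return byte - 0x100 if byte & 0x80 else byte


def decode_jump(addr: int, code: bytes):
    """Return (mnemonic, displacement, target) for the jump encoded at addr.

    Handles rel8 forms (0x70-0x7F Jcc, 0xEB jmp) and rel32 forms
    (0x0F 0x80-0x8F Jcc, 0xE9 jmp). The displacement is relative to the
    address of the *following* instruction, i.e. addr + instruction length.
    """
    if not code:
        raise ValueError("no bytes")
    op = code[0]
    if 0x70 <= op <= 0x7F or op == 0xEB:            # 1 opcode byte + rel8
        name, length = ("jmp" if op == 0xEB else CC_NAMES[op - 0x70]), 2
        if len(code) < length:
            raise ValueError("truncated instruction")
        disp = rel8_to_int(code[1])
    elif op == 0xE9:                                 # 1 opcode byte + rel32
        name, length = "jmp", 5
        if len(code) < length:
            raise ValueError("truncated instruction")
        disp = int.from_bytes(code[1:5], "little", signed=True)
    elif op == 0x0F and len(code) > 1 and 0x80 <= code[1] <= 0x8F:
        name, length = CC_NAMES[code[1] - 0x80], 6  # 2 opcode bytes + rel32
        if len(code) < length:
            raise ValueError("truncated instruction")
        disp = int.from_bytes(code[2:6], "little", signed=True)
    else:
        raise ValueError(f"not a relative jump: opcode {op:#04x}")
    target = (addr + length + disp) & 0xFFFFFFFFFFFFFFFF  # wrap like RIP would
    return name, disp, target


if __name__ == "__main__":
    # The book's instruction: at 0x40042f, bytes 74 F4.
    name, disp, target = decode_jump(0x40042F, bytes.fromhex("74F4"))
    print(f"{name} {disp:+d} -> {target:#x}")  # je -12 -> 0x400425
```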