Intel汇编-间接寻址-豺狼野心网

Intel汇编-间接寻址

# An example of indirect addressing (间接寻址)

.section .data
output:
.asciz "The编间 value is %d\n"
values:
.int 10, 15, 20, 25, 30, 35, 40, 45, 50, 55, 60

.section .text
.globl main
main:
   nop
   movl values, %eax       # eax = 10           ==>mov    0x56559019,%eax
   movl $values, %edi       # edi = values address       ==>mov    $0x56559019,%edi
   movl $100, 4(%edi)       # $0x56559019+4 = 100       ==>values[1] = 100
   mov $1, %edi           # edi = 1
   movl values(,%edi, 4), %ebx   # ebx = 100   ==>values+1*4 = values[1]
   mov $1, %eax           # eax = 1
   xor %edi, %edi           # edi = 0
loop:
   movl values(, %edi, 4), %eax   # eax = 10, 100, 20, 25, 30 ...
    push %eax                                # esp-4
   push $output                             # esp-4
   call printf
   add $8, %esp                            # esp+8,回退8个字节
   inc %edi
   cmp $11, %edi
   jne loop
   movl $0, %ebx
   movl $1, %eax
   int $0x80

# gcc -o 02-indirect-addressing 02-indirect-addressing.s -m32

/*
* gdb
*/
/*
(gdb) x/20i
=>0x565561ad

:   nop
   0x565561ae : mov    0x56559019,%eax
   0x565561b3 : mov    $0x56559019,%edi
   0x565561b8 :        movl   $0x64,0x4(%edi)
   0x565561bf :        mov    $0x1,%edi
   0x565561c4 :        mov    0x56559019(,%edi,4),%ebx
   0x565561cb :        mov    $0x1,%eax
   0x565561d0 :   mov    0x56559019(,%edi,4),%eax
   0x565561d7 : push   %eax
   0x565561d8 : push   $0x56559008
   0x565561dd :        call   0xf7e17d30
   0x565561e2 :        add    $0x8,%esp
   0x565561e5 :        inc    %edi
   0x565561e6 :        cmp    $0xb,%edi
   0x565561e9 :        jne    0x565561d0
   0x565561eb :        mov    $0x0,%ebx
   0x565561f0 :        mov    $0x1,%eax
   0x565561f5 :        int    $0x80

=>0x565561b3 : bf 19 90 55 56 mov    $0x56559019,%edi
(gdb) x/20w 0x56559019
1: /x $eax = 0xa
2: /x $edi = 0x56559019
3: /x $ebx = 0x0
0x56559019:     10      15      20      25
0x56559029:     30      35      40      45
0x56559039:     50      55      60      0
0x56559049:     0       0       0       0
0x56559059:     0       0       0       0

=>0x565561b8 :        c7 47 04 64 00 00 00    movl   $0x64,0x4(%edi)
(gdb) x/20w 0x56559019
1: /x $eax = 0xa
2: /x $edi = 0x56559019
3: /x $ebx = 0x0
0x56559019:     10      100     20      25
0x56559029:     30      35      40      45
0x56559039:     50      55      60      0
0x56559049:     0       0       0       0
0x56559059:     0       0       0       0

=>0x565561bf : bf 01 00 00 00 mov $0x1,%edi
1: /x $eax = 0xa
2: /x $edi = 0x1
3: /x $ebx = 0x0

=>0x565561c4 : 8b 1c bd 19 90 55 56 mov 0x56559019(,%edi,4),%ebx
1: /x $eax = 0xa
2: /x $edi = 0x1
3: /x $ebx = 0x64

=>0x565561d0 : 8b 04 bd 19 90 55 56 mov 0x56559019(,%edi,4),%eax
1: /x $eax = 0x64
2: /x $edi = 0x1
3: /x $ebx = 0x64

=>0x565561dd : e8 4e 1b 8c a1 call 0xf7e17d30
The value is 100
1: /x $eax = 0x11 #### note -->printf return value ####
2: /x $edi = 0x1
3: /x $ebx = 0x64