When I came across the following code while learning assembly language, I simply thought that the program could not end normally. However, after single-stepping it in the debugger, I found that it did end normally, and something strange happened: the program starts executing at code:0005, runs to code:0014, and then jumps to code:0008 with the jmp instruction. But on the next single step, the program jumps directly to code:0000 instead of code:0018 (the label S1). At first I didn't understand what was going on, and even after many single-step observations it still felt weird. After carefully studying the use of the JMP instruction in the textbook [1] and then analyzing the program together with its machine code, I gained a new understanding of the JMP instruction.

The program, with the offset (IP) of each instruction and its machine code (all values in hexadecimal). For the two memory accesses the table shows the Debug display of the memory word instead of the offset:

| assembly code | address offset (IP) | machine instructions |
| --- | --- | --- |
| assume cs:code | | |
| code segment | | |
| mov ax,4c00h | 0000 | B8004C |
| int 21h | 0003 | CD21 |
| start: mov ax,0 | 0005 | B80000 |
| s: nop | 0008 | 90 |
| nop | 0009 | 90 |
| mov di,offset s | 000A | BF0800 |
| mov si,offset s2 | 000D | BE2000 |
| mov ax,cs:[si] | | CS:0020=F6EB |
| mov cs:[di],ax | | CS:0008=9090 |
| s0: jmp short s | 0016 | EBF0 |
| s1: mov ax,0 | 0018 | B80000 |
| int 21h | 001B | CD21 |
| mov ax,0 | 001D | B80000 |
| s2: jmp short s1 | 0020 | EBF6 |
| nop | 0022 | 90 |
| code ends | | |
| end start | | |

1. Two points that need to be understood clearly

1. The CPU executes instructions as follows:
   <1>. Read the instruction from the memory unit pointed to by CS:IP into the instruction buffer.
   <2>. IP = IP + length of the instruction just read into the buffer, so that IP now points to the next instruction.
   <3>. Execute the instruction in the buffer, then go back to step <1>.
2. The meaning of the intra-segment transfer instruction jmp short:
   <1>. Its operand is an offset of IP: offset = address of the label - address of the first byte after the jmp instruction.
   <2>. The function of the instruction is to modify IP; after it executes, IP = IP + 8-bit offset.
   <3>. The 8-bit offset has a range of -128~127 and is expressed in two's complement [2].

2. Code analysis

1. Step 1: The program starts executing at the entry point start (code:0005). When the statement at code:0013~0014 is executed, the machine code of the statement jmp short s1 at label s2 is copied to code:0008, and IP is 0016. Suppose for a moment that the jmp short s instruction were not there: the program would run on to s2: jmp short s1, read jmp short s1 into the instruction buffer, and IP would be 0022. The transfer from s2 to s1 is an intra-segment transfer, whose machine code format is EB disp, with disp = address of s1 - address of the byte after the jmp at s2 = (0018 - 0022), which in two's complement is F6, so the machine code of jmp short s1 is EBF6. Therefore EBF6 is what gets copied into the units code:0008~code:0009.
2. Step 2: Read the instruction jmp short s (EBF0) at s0 into the instruction buffer; IP = IP + 0002 = 0018. The two's complement of (address of s - address after s0's jmp) = (0008 - 0018) is F0; the transfer from s0 to s is an intra-segment transfer with machine code format EB disp, i.e. EBF0.
3. Step 3: The instruction jmp short s (EBF0) modifies IP. After executing EBF0, IP = IP + (address of s - address of s0) = 0018 + F0 = 0008, pointing to the unit code:0008.
4. Step 4: Read the contents of the unit code:0008. Since the instruction jmp short s1 (EBF6) at s2 has already been copied into code:0008~code:0009, what is read is EBF6, and after reading it IP = IP + 0002 = 000A.
5. Step 5: The instruction jmp short s1 (EBF6) modifies IP. After executing EBF6, IP = IP + (address of s1 - address of s2) = 000A + F6 = 0000, pointing to the unit code:0000.
6. Step 6: The program continues from code:0000, executes mov ax,4c00h and int 21h, and so ends normally.

3. Postscript

To analyze this code correctly, one needs to understand the CPU's instruction execution process and what jmp short really does (its target is computed as a modification of IP). In addition, the two's complement form of the computed offset is also a key point. After analyzing this seemingly abnormal code, I gained a deeper understanding of the JMP instruction in assembly.
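The fetch / IP-update / execute cycle and the two's complement displacement computation described above, as an added example (not code from the original post): a small Python model of just the 8086 opcodes this program uses, run over the assembled bytes of the code segment. The memory image and the encodings assumed for the two cs: memory moves (2E 8B 04 and 2E 89 05) are my own assumptions, not taken from the post.

```python
# Added example: model of the 8086 fetch/IP-update/execute cycle for the program above.
# The code image and the encodings of the two cs: memory moves are assumptions.
CODE = bytes.fromhex(
    "B8004C" "CD21"           # 0000 mov ax,4c00h ; 0003 int 21h
    "B80000"                  # 0005 start: mov ax,0
    "90" "90"                 # 0008 s: nop ; 0009 nop
    "BF0800" "BE2000"         # 000A mov di,offset s ; 000D mov si,offset s2
    "2E8B04" "2E8905"         # 0010 mov ax,cs:[si] ; 0013 mov cs:[di],ax (assumed encodings)
    "EBF0"                    # 0016 s0: jmp short s
    "B80000" "CD21" "B80000"  # 0018 s1: mov ax,0 ; 001B int 21h ; 001D mov ax,0
    "EBF6" "90"               # 0020 s2: jmp short s1 ; 0022 nop
)

def short_disp(target, after_jmp):
    """disp8 of jmp short = label address - address of the byte after the jmp, two's complement."""
    d = target - after_jmp
    if not -128 <= d <= 127:
        raise ValueError("target out of short jump range")
    return d & 0xFF

def run(image, start=0x0005, limit=100):
    """Execute from CS:start; return (ax, list of fetched IPs, final memory). int 21h stops the run."""
    mem = bytearray(image)               # the code segment is writable, as on a real 8086
    ip = start
    ax = si = di = 0
    trace = []
    for _ in range(limit):
        op = mem[ip]
        trace.append(ip)                                   # <1> fetch the instruction at CS:IP
        length = {0x90: 1, 0xEB: 2, 0xCD: 2}.get(op, 3)    # every other opcode used here is 3 bytes
        ins = mem[ip:ip + length]
        ip += length                                       # <2> IP now points to the next instruction
        if op == 0xB8:                                     # <3> execute: mov ax,imm16
            ax = ins[1] | ins[2] << 8
        elif op == 0xBE:                                   # mov si,imm16
            si = ins[1] | ins[2] << 8
        elif op == 0xBF:                                   # mov di,imm16
            di = ins[1] | ins[2] << 8
        elif ins == b"\x2e\x8b\x04":                       # mov ax,cs:[si] (little-endian word)
            ax = mem[si] | mem[si + 1] << 8
        elif ins == b"\x2e\x89\x05":                       # mov cs:[di],ax: rewrites the code itself
            mem[di], mem[di + 1] = ax & 0xFF, ax >> 8
        elif op == 0xEB:                                   # jmp short: IP = IP + signed disp8
            ip += (ins[1] - 256) if ins[1] >= 0x80 else ins[1]
        elif op == 0xCD:                                   # int 21h: stop (ax = 4C00h means normal exit)
            return ax, trace, bytes(mem)
        elif op != 0x90:                                   # nop does nothing; anything else is unexpected
            raise ValueError(f"unexpected opcode {op:02X} at {ip - length:04X}")
    raise RuntimeError("step limit reached")
```

The returned trace shows IP visiting 0008 twice: first via EBF0 from s0, then leaving it for 0000 because the bytes at 0008 are now EBF6.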