Re: [Pgubook-readers] movl

pgubook-readers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Pgubook-readers] movl _start, %eax

From:	Shuaib
Subject:	Re: [Pgubook-readers] movl _start, %eax
Date:	Mon, 22 Nov 2004 18:24:52 -0800 (PST)

Harold pointed out a typo in my previous post. I meant
to type:
"When I try "movl _start, %eax", %eax has 0xcc in it."
and NOT 

"When I try "movl _data_items, %eax", %eax has 0xcc in
it"

He said that he was able to get "bf" correctly on his
box. Any clues as to what is going on in mine?

> when you try to "movl _data_items, %eax",why do you
> expect $eax store the content of _start?
> or maybe this is a typo :-)
> but it's successful in my box that %eax has 0xbf.
>  --- Shuaib <address@hidden> µÄÕýÎÄ£º
> > I dissasemble the maximum program in chapter 3.
> > (objdump maximum -D) and I get this (only a part
> of
> > it):
> > 
> > 08048074 <_start>:
> >  8048074:       bf 00 00 00 00          mov   
> > $0x0,%edi
> >  8048079:       8b 04 bd a8 90 04 08    mov
> > 0x80490a8(,%edi,4),%eax
> > 
> > 080490a8 <data_items>:
> >  80490a8:       07                      pop    %es
> >  80490a9:       00 00                   add   
> > %al,(%eax)
> >  80490ab:       00 08                   add   
> > %cl,(%eax)
> > 
> > 
> > When I try "movl _data_items, %eax", %eax has 7 in
> > it.
> > When I try "movl $_data_items, %eax", %eax has
> > 080490a8 in it. Great, everything makes sense!
> > 
> > On the other hand, When I try "movl $_start,
> %eax",
> > %eax has 08048074 in it (good; makes sense since
> > $_start is the address). When I try "movl
> > _data_items,
> > %eax", %eax has 0xcc in it. The address location
> > pointed to by _start contains bf000000, and I was
> > expecting bf000000 when I executed that
> instruction.
> > WHY am I getting 0xcc? I suspect other people will
> > get
> > other values in the %eax. 
> > 
> > Here is what I'd like some elite to clarify: Does
> > the
> > OS (or the loader) relocate the _start section
> > somewhere else in the memory and 0x08048074 no
> > longer
> > points to the the original address that _start
> > pointed
> > to? Where does this 0xcc come from? Will I be able
> > to
> > see this in the dissasembly section?
> > 
> > I'd very much appreciate an explanation. I do not
> > believe the reason is in the book.
> > 
> > 
> >             
> > __________________________________ 
> > Do you Yahoo!? 
> > The all-new My Yahoo! - Get yours free! 
> > http://my.yahoo.com 
> >  
> > 
> > 
> > 



                
__________________________________ 
Do you Yahoo!? 
The all-new My Yahoo! - Get yours free! 
http://my.yahoo.com

[Prev in Thread]

Current Thread

[Next in Thread]

[Pgubook-readers] movl _start, %eax, Shuaib, 2004/11/21
- Re: [Pgubook-readers] movl _start, %eax, Jonathan Bartlett, 2004/11/27
  - Re: [Pgubook-readers] movl _start, %eax, Shuaib, 2004/11/28
- Re: [Pgubook-readers] movl _start, %eax, Shuaib <=
- Re: [Pgubook-readers] movl _start, %eax, Shuaib, 2004/11/22
  - Re: [Pgubook-readers] movl _start, %eax, harold, 2004/11/23

Prev by Date: [Pgubook-readers] movl _start, %eax
Next by Date: Re: [Pgubook-readers] movl _start, %eax
Previous by thread: Re: [Pgubook-readers] movl _start, %eax
Next by thread: Re: [Pgubook-readers] movl _start, %eax
Index(es):
- Date
- Thread