Question: How do i calculate the offset. Below the offsets are 0000005, 0000008, and 000000A. How is that determined? FIGURE 7-0 xcerpt l rom the Add
How do i calculate the offset. Below the offsets are 0000005, 0000008, and 000000A. How is that determined?
FIGURE 7-0 xcerpt l rom the Add WO Source listing ille. 1 ; AddTwo. asm - adds two 32-bit integers. ; Chapter 3 example .386 .model flat, stdcall . stack 4096 ExitProcess PROTO, dwExitCode: DWORD 4 7 .code 10: main PROC 00000000 B8 00000005 00000005 83 CO 06 mov eax, 5 12: add eax, 6 14: 15: 16: 17: 18: 00000008 6A 00 0000000A E8 00000000 E 000000OF invoke ExitProcess,0 push+000000000h call ExitProcess main ENDP END main Lines 10 and 11 also show the same starting address of 00000000, because the first executable statement is the MOV instruction on line 11. Notice on line 11 that several hexadecimal bytes appear between the address and the source code. These bytes (B8 00000005) represent the machine code instruction (B8), and the constant 32-bit value (00000005) that is assigned to EAX by the instruction: 11: 00000000 B8 00000005 mov eax, 5 The value B8 is also known as an operation code (or just opcode), because it represents the spe- cific machine instruction to move a 32-bit integer into the eax register. In Chapter 12 we explain the structure of x86 machine instructions in great detail Line 12 also contains an executable instruction, starting at offset 00000005. That offset is a distance of 5 bytes from the beginning of the program. Perhaps you can guess how that offset was calculated FIGURE 7-0 xcerpt l rom the Add WO Source listing ille. 1 ; AddTwo. asm - adds two 32-bit integers. ; Chapter 3 example .386 .model flat, stdcall . stack 4096 ExitProcess PROTO, dwExitCode: DWORD 4 7 .code 10: main PROC 00000000 B8 00000005 00000005 83 CO 06 mov eax, 5 12: add eax, 6 14: 15: 16: 17: 18: 00000008 6A 00 0000000A E8 00000000 E 000000OF invoke ExitProcess,0 push+000000000h call ExitProcess main ENDP END main Lines 10 and 11 also show the same starting address of 00000000, because the first executable statement is the MOV instruction on line 11. Notice on line 11 that several hexadecimal bytes appear between the address and the source code. These bytes (B8 00000005) represent the machine code instruction (B8), and the constant 32-bit value (00000005) that is assigned to EAX by the instruction: 11: 00000000 B8 00000005 mov eax, 5 The value B8 is also known as an operation code (or just opcode), because it represents the spe- cific machine instruction to move a 32-bit integer into the eax register. In Chapter 12 we explain the structure of x86 machine instructions in great detail Line 12 also contains an executable instruction, starting at offset 00000005. That offset is a distance of 5 bytes from the beginning of the program. Perhaps you can guess how that offset was calculated
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help