JMP to hex memory index, how segments influence that.

Posted: Mon May 23, 2011 3:27 pm
by rand
Ok, I'm sorry if this sounds newbie, but, given this situation:

Code:

eax            0xa40	2624
ecx            0x1	1
edx            0x100	256
ebx            0x404	1028
esp            0x400	0x400
ebp            0x0	0x0
esi            0x165	357
edi            0x280a	10250
eip            0x7d15	0x7d15
eflags         0x2	[ ]
cs             0x0	0
ss             0xa40	2624
ds             0xa40	2624
es             0xa40	2624
fs             0x0	0
gs             0x0	0
I'm ready to execute line 161, which is located at 0x7d15:

Code:

(copied from my listing file)

   155                                  ; So, we are going to run the second stage...
   156 00000109 B8400A                  	mov ax, 0x0a40			; set up segments
   157 0000010C 8ED8                    	mov ds, ax
   158 0000010E 8EC0                    	mov es, ax
   159 00000110 8ED0                    	mov ss, ax
   160 00000112 BC0004                  	mov sp, 0x0400
   161 00000115 E9(0028)                	jmp 0x2800				; I changed segments but it works, why?
If I step the instruction I get:

Code:

eax            0xa40	2624
ecx            0x1	1
edx            0x100	256
ebx            0x404	1028
esp            0x400	0x400
ebp            0x0	0x0
esi            0x165	357
edi            0x280a	10250
eip            0xa400	0xa400
eflags         0x2	[ ]
cs             0x0	0
ss             0xa40	2624
ds             0xa40	2624
es             0xa40	2624
fs             0x0	0
gs             0x0	0
Which is exactly the result I wanted, because my stage2 starts at 0xa400, but I don't understand how I got it working.
My question is: how is my 0x2800 interpreted? It seems there is something adding 0x7c00 to the index, but I changed segments before jumping! How is this possible?

Thank you.

Re: JMP to hex memory index, how segments influence that.

Posted: Mon May 23, 2011 4:21 pm
by gerryg400
E9 opcode is a near relative jmp. Because it's 'near', segments don't matter.

Re: JMP to hex memory index, how segments influence that.

Posted: Mon May 23, 2011 4:28 pm
by rand
gerryg400 wrote:E9 opcode is a near relative jmp. Because it's 'near', segments don't matter.
Yep, but I expected it to be relative to 0x7d15; from my debug it seems to be relative to 0x7c00. Am I missing something?
I will go on with further debugging tomorrow.


tnx

Re: JMP to hex memory index, how segments influence that.

Posted: Mon May 23, 2011 10:56 pm
by Combuster
Your assembler turns your absolute address into the relative one. If it then executes at a different offset than expected, then the destination will shift accordingly.

[SOLVED] JMP to hex memory index, how segments influence tha

Posted: Tue May 24, 2011 5:13 am
by rand
ok, I checked the actual machine code; nasm emits the byte sequence "E9 E8 26" which means "jmp 0x26e8".
so:
0x7d15 + 0x26e8 + 3 (instruction size?) = 0xa400

thank you

Re: [SOLVED] JMP to hex memory index, how segments influence

Posted: Tue May 24, 2011 5:44 am
by Combuster
rand wrote:the byte sequence "E9 E8 26" wich means "jmp 0x26e8"
It's "jmp $+0x26e8" (or jmp .+0x26e8 according to some others), your calculation still appears correct though.
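The arithmetic in the thread, carried through as an added example (this is not code from the original posts or from NASM). It reproduces both halves of what happened: the assembler computing the rel16 displacement from the listing offset (0x115, since the source had no ORG directive that would place it at 0x7c00), and the CPU adding that displacement to the end of the instruction at run time. Segments do not appear in either computation; they only enter when a segment:offset pair is turned into a linear address, which the helper at the end shows. The far-jump encoder is included as an assumption about what the poster would have needed to jump to an absolute segment:offset instead.

```python
"""E9 rel16 near jmp: assembler view vs. run-time view (added example).

Constants below (LOAD_BASE, LISTING_OFFSET, TARGET) are taken from the
numbers visible in the thread; nothing else is assumed about the bootloader.
"""
import struct

LOAD_BASE = 0x7C00        # where the BIOS loads the boot sector (0000:7C00)
LISTING_OFFSET = 0x0115   # offset of the jmp in the NASM listing (no ORG, so file offset 0)
TARGET = 0x2800           # the absolute target written in the source


def encode_jmp_rel16(insn_addr: int, target: int) -> bytes:
    """Assemble `jmp target` as E9 rel16 for an instruction at insn_addr.

    The displacement is relative to the *end* of the 3-byte instruction and is
    stored as a little-endian 16-bit value, wrapping modulo 2**16 the way a
    16-bit assembler does.
    """
    disp = (target - (insn_addr + 3)) & 0xFFFF
    return b"\xE9" + struct.pack("<H", disp)


def decode_jmp_rel16(code: bytes, ip: int) -> int:
    """Run-time view: given the 3 bytes fetched at IP, return the new IP.

    The displacement is sign-extended and added to IP+3; IP wraps within the
    64 KiB code segment. CS is untouched, which is why it 'does not matter'.
    """
    if len(code) < 3 or code[0] != 0xE9:
        raise ValueError("not an E9 rel16 near jmp")
    (disp,) = struct.unpack("<h", code[1:3])
    return (ip + 3 + disp) & 0xFFFF


def landing_ip(listing_offset: int, target: int, load_base: int) -> int:
    """Where a `jmp target` assembled at listing_offset actually lands when the
    code is loaded at load_base instead of at offset 0."""
    code = encode_jmp_rel16(listing_offset, target)
    return decode_jmp_rel16(code, load_base + listing_offset)


def encode_jmp_far(segment: int, offset: int) -> bytes:
    """Assumed alternative: `jmp segment:offset` as EA ptr16:16 (offset first,
    then segment, both little-endian). This form *does* reload CS."""
    return b"\xEA" + struct.pack("<HH", offset, segment)


def linear_address(segment: int, offset: int) -> int:
    """Real-mode address formation: segment*16 + offset. Only here do the
    segment registers shown in the register dump influence anything."""
    return (segment << 4) + offset


if __name__ == "__main__":
    code = encode_jmp_rel16(LISTING_OFFSET, TARGET)
    print("bytes NASM emits:", code.hex(" "))                 # e9 e8 26
    print("lands at IP 0x%04x" % landing_ip(LISTING_OFFSET, TARGET, LOAD_BASE))   # 0xa400
    print("with org 0x7c00 it would land at IP 0x%04x"
          % decode_jmp_rel16(encode_jmp_rel16(LOAD_BASE + LISTING_OFFSET, TARGET),
                             LOAD_BASE + LISTING_OFFSET))     # 0x2800
    print("far jmp 0000:A400 would be:", encode_jmp_far(0x0000, 0xA400).hex(" "))
    print("stack top 0A40:0400 is linear 0x%05x" % linear_address(0x0A40, 0x0400))
```

The `landing_ip` helper is the general statement of Combuster's point: the displacement is fixed at assembly time from the listing offset, so loading the code at any other base shifts the destination by exactly that base (0x2800 + 0x7c00 = 0xa400 here). Adding `org 0x7c00` makes the assembler compute the displacement from 0x7d15 and the jump then lands at 0x2800 as written; a far jmp (EA) is what you use if you actually want the destination expressed as segment:offset.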