{"id":18581,"date":"2010-07-10T18:19:32","date_gmt":"2010-07-10T12:49:32","guid":{"rendered":"http:\/\/www.jeffrin.in\/?p=1974"},"modified":"2010-07-10T18:19:32","modified_gmt":"2010-07-10T12:49:32","slug":"1974-2","status":"publish","type":"post","link":"https:\/\/www.trueangle.org\/index.php\/2010\/07\/10\/1974-2\/","title":{"rendered":"eip in 32-bit mode and rip in 64-bit mode"},"content":{"rendered":"

\nABOUT Processor Register<\/u><\/p>\n

\nIn computer architecture, a processor register is a quickly accessible location available to a computer's central processing unit (CPU). Registers usually consist of a small amount of fast storage, although some registers have specific hardware functions, and may be read-only or write-only. Registers are typically addressed by mechanisms other than main memory, but may in some cases be assigned a memory address e.g. DEC PDP-10, ICT 1900.\n<\/pre>\n
[bash light=”true”]
\n(gdb) info registers
\nrax            0xfffffffffffffdfc\t-516
\nrbx            0x5dc\t1500
\nrcx            0xffffffffffffffff\t-1
\nrdx            0x5dc\t1500
\nrsi            0x1\t1
\nrdi            0x7fff09cf5780\t140733357971328
\nrbp            0x2051160\t0x2051160
\nrsp            0x7fff09cf5730\t0x7fff09cf5730
\nr8             0x0\t0
\nr9             0xffffffff\t4294967295
\nr10            0x8\t8
\nr11            0x246\t582
\nr12            0x7fff09cf5780\t140733357971328
\nr13            0x7fff09cf5790\t140733357971344
\nr14            0x0\t0
\nr15            0x1\t1
\nrip            0x7f2e947000c8\t0x7f2e947000c8
\neflags         0x246\t[ PF ZF IF ]
\ncs             0x33\t51
\nss             0x2b\t43
\nds             0x0\t0
\nes             0x0\t0
\nfs             0x0\t0
\ngs             0x0\t0
\n(gdb)
\n[\/bash]<\/p>\n
\nThe RIP register is the instruction pointer register. In 64\n-bit mode, the RIP register is extended to 64 bits to support\n64-bit offsets. In 32-bit x86 architecture, the instruction\npointer register is the EIP register.source:\n\n<\/pre>\n
Related STUFF<\/u>
\n[text]
\nCode:
\nexample code 1 RIP-relative addressing<\/p>\n
.section .data
\n\tmydata: .long 0<\/p>\n
.section .bss<\/p>\n
.section .text
\n\t.global _start
\n_start:
\n\t\t\tmovq\t$64, mydata(%rdi)
\nCode:
\nexample code 2
\n.section .data
\n\tmydata: .long 0<\/p>\n
.section .bss<\/p>\n
.section .text
\n\t.global _start
\n_start:
\n\t\t\tmovq\t$64, mydata
\nand the results<\/p>\n
Code:
\nexample 1 RIP-relative addressing
\ncode1:     file format elf64-x86-64<\/p>\n
Disassembly of section .text:<\/p>\n
00000000004000b0 :
\n  4000b0:\t48 c7 87 bc 00 60 00 \tmovq   $0x40,0x6000bc(%rdi)
\n  4000b7:\t40 00 00 00
\nCode:
\nexample 2
\ncode2:     file format elf64-x86-64<\/p>\n
Disassembly of section .text:<\/p>\n
00000000004000b0 :
\n  4000b0:\t48 c7 04 25 bc 00 60 \tmovq   $0x40,0x6000bc
\n  4000b7:\t00 40 00 00 00
\nare we talking about a one byte reduction in code size every time I use RIP relative addressing?
\n[\/text]
\nTypical RIP and EIP Knowledge<\/u>
\n[text]
\nHow RIP\/EIP relative addressing works in 32-bit mode<\/p>\n
In 32-bit programs you can’t do this :<\/p>\n
mov al, [eip]<\/p>\n
But you will have to do something like this instead :
\ncall $ + 5
\npop ebx
\nadd ebx, 1 + 1 + 1 + 1 ; POP + ADD + ModRM + imm8
\nmov al, [ebx] ; EBX is now pointing to this instruction!<\/p>\n
How RIP\/EIP relative addressing works in 64-bit mode<\/p>\n
In 64-bit programs you are allowed to write this :
\nmov al, [rip]
\n[\/text]
\nLINK
\nhttp:\/\/developers.sun.com\/solaris\/articles\/x64_dbx.html<\/a>
\nhttps:\/\/en.wikipedia.org\/wiki\/Processor_register<\/a>
\nhttp:\/\/www.codegurus.be\/codegurus\/Programming\/riprelativeaddressing_en.htm<\/a>
\nhttp:\/\/www.linuxforums.org\/forum\/linux-programming-scripting\/131795-amd-64-bit-rip-relative-addressing.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
ABOUT Processor Register In computer architecture, a processor register is a quickly accessible location available to a computer’s central processing unit (CPU). Registers usually consist of a small amount of fast storage, although some registers have specific hardware functions, and may be read-only or write-only. Registers are typically addressed by mechanisms other than main memory, … <\/p>\n
Continue reading “eip in 32-bit mode and rip in 64-bit mode”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[83],"tags":[950,1359,1432],"_links":{"self":[{"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/posts\/18581"}],"collection":[{"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/comments?post=18581"}],"version-history":[{"count":0,"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/posts\/18581\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/media?parent=18581"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/categories?post=18581"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.trueangle.org\/index.php\/wp-json\/wp\/v2\/tags?post=18581"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}