[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Pgubook-readers] movl _start, %eax
|
From: |
Shuaib |
|
Subject: |
[Pgubook-readers] movl _start, %eax |
|
Date: |
Sun, 21 Nov 2004 17:53:20 -0800 (PST) |
I dissasemble the maximum program in chapter 3.
(objdump maximum -D) and I get this (only a part of
it):
08048074 <_start>:
8048074: bf 00 00 00 00 mov
$0x0,%edi
8048079: 8b 04 bd a8 90 04 08 mov
0x80490a8(,%edi,4),%eax
080490a8 <data_items>:
80490a8: 07 pop %es
80490a9: 00 00 add
%al,(%eax)
80490ab: 00 08 add
%cl,(%eax)
When I try "movl _data_items, %eax", %eax has 7 in it.
When I try "movl $_data_items, %eax", %eax has
080490a8 in it. Great, everything makes sense!
On the other hand, When I try "movl $_start, %eax",
%eax has 08048074 in it (good; makes sense since
$_start is the address). When I try "movl _data_items,
%eax", %eax has 0xcc in it. The address location
pointed to by _start contains bf000000, and I was
expecting bf000000 when I executed that instruction.
WHY am I getting 0xcc? I suspect other people will get
other values in the %eax.
Here is what I'd like some elite to clarify: Does the
OS (or the loader) relocate the _start section
somewhere else in the memory and 0x08048074 no longer
points to the the original address that _start pointed
to? Where does this 0xcc come from? Will I be able to
see this in the dissasembly section?
I'd very much appreciate an explanation. I do not
believe the reason is in the book.
__________________________________
Do you Yahoo!?
The all-new My Yahoo! - Get yours free!
http://my.yahoo.com
- [Pgubook-readers] movl _start, %eax,
Shuaib <=