Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>The target of the call in the <code>E8</code> instruction (<code>call</code>) is specified as <em>relative offset</em> from the current instruction pointer (IP) value.</p> <p>In your first code sample the offset is obviously <code>0x00000000</code>. It basically says</p> <pre><code>call +0 </code></pre> <p>The actual address of <code>printf</code> is not known yet, so the compiler just put the 32-bit value <code>0x00000000</code> there as a placeholder.</p> <p>Such incomplete call with zero offset will naturally be interpreted as the call to the current IP value. On your platform, the IP is pre-incremented, meaning that when some instruction is executed, the IP contains the address of the next instruction. I.e. when instruction at the address <code>0xE</code> is executed the IP contains value <code>0x13</code>. And the <code>call +0</code> is naturally interpreted as the call to instruction <code>0x13</code>. This is why you see that <code>0x13</code> in the disassembly of the incomplete code.</p> <p>Once the code is complete, the placeholder <code>0x00000000</code> offset is replaced with the actual offset of <code>printf</code> function in the code. The offset can be positive (forward) or negative (backward). In your case the IP at the moment of the call is <code>0x4004DF</code>, while the address of <code>printf</code> function is <code>0x4003C0</code>. For this reason, the machine instruction will contain a 32-bit offset value equal to <code>0x4003C0 - 0x4004DF</code>, which is negative value <code>-287</code>. So what you see in the code is actually</p> <pre><code>call -287 </code></pre> <p><code>-287</code> is <code>0xFFFFFEE1</code> in binary. This is exactly what you see in your machine code. It is just that the tool you are using displayed it backwards.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload