Need help understanding E8 asm call instruction x86
Whatever you're using to obtain the disassembly is trying to be helpful, by giving the target of the call as an offset from some symbol that it knows about -- but given that the offset is so large, it's probably confused.
The actual target of the call can be calculated as follows:
- E8 is a call with a relative offset.
- In a 32-bit code segment, the offset is specified as a signed 32-bit value.
- This value is in little-endian byte order.
- The offset is measured from the address of the following instruction.

e.g.

    <some address>      E8 32 F6 FF FF    call <somewhere>
    <some address>+5    (next instruction)

- The offset is 0xFFFFF632.
- Interpreted as a signed 32-bit value, this is -0x9CE.
- The call instruction is at <some address> and is 5 bytes long; the next instruction is at <some address> + 5.
- So the target address of the call is <some address> + 5 - 0x9CE.
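The arithmetic in the answer is exactly what a disassembler, a hooking library or a shellcode encoder has to get right, including the wraparound of the instruction pointer and the 2^31 reach limit of rel32. The following C program is an added example, not code from the answer above: it decodes an E8 rel32 call into its target and encodes the inverse (target back to bytes), reporting when the distance will not fit. The load address 0x00401000 used for the question's bytes is an assumption made up for the demonstration; the bytes E8 32 F6 FF FF are the ones from the question.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CALL_REL32_LEN 5   /* opcode E8 followed by a 4-byte displacement */

/* Wrap an address to the width of the code segment: in a 32-bit segment
 * EIP is truncated to 32 bits, in 64-bit mode RIP wraps modulo 2^64. */
static uint64_t wrap_addr(uint64_t a, int bits)
{
    return bits == 32 ? (a & 0xFFFFFFFFULL) : a;
}

/* Decode a near relative CALL (E8 rel32) whose first byte sits at 'addr'.
 * 'code' points at the instruction bytes and 'len' says how many are
 * available. On success stores addr + 5 + sign_extend(rel32) in *target
 * and returns 1; returns 0 if the bytes are not a complete E8 instruction. */
int decode_call_rel32(uint64_t addr, const uint8_t *code, size_t len,
                      int bits, uint64_t *target)
{
    if (code == NULL || target == NULL || len < CALL_REL32_LEN || code[0] != 0xE8)
        return 0;

    /* The displacement is little-endian: least significant byte first. */
    uint32_t raw = (uint32_t)code[1]
                 | ((uint32_t)code[2] << 8)
                 | ((uint32_t)code[3] << 16)
                 | ((uint32_t)code[4] << 24);

    /* Explicit two's-complement sign extension, so we do not depend on the
     * implementation-defined behaviour of casting an out-of-range unsigned
     * value to int32_t. */
    int64_t rel = (raw & 0x80000000u) ? (int64_t)raw - 0x100000000LL
                                      : (int64_t)raw;

    /* The displacement is relative to the address of the NEXT instruction. */
    *target = wrap_addr(addr + CALL_REL32_LEN + (uint64_t)rel, bits);
    return 1;
}

/* Encode a near relative CALL placed at 'addr' that lands on 'target'.
 * Writes the 5 instruction bytes to out[] and returns 1, or returns 0 when
 * the distance does not fit a signed 32-bit displacement (in 64-bit mode the
 * caller then needs an indirect form such as mov reg, imm64 / call reg). */
int encode_call_rel32(uint64_t addr, uint64_t target, int bits,
                      uint8_t out[CALL_REL32_LEN])
{
    uint64_t disp = target - (addr + CALL_REL32_LEN);   /* modulo 2^64 */

    if (bits == 32)
        disp &= 0xFFFFFFFFULL;                 /* every 32-bit distance is reachable */
    else if (disp + 0x80000000ULL >= 0x100000000ULL)
        return 0;                              /* outside [-2^31, 2^31 - 1] */

    uint32_t rel = (uint32_t)disp;             /* unsigned truncation is well defined */
    out[0] = 0xE8;
    out[1] = (uint8_t)(rel);
    out[2] = (uint8_t)(rel >> 8);
    out[3] = (uint8_t)(rel >> 16);
    out[4] = (uint8_t)(rel >> 24);
    return 1;
}

int main(void)
{
    /* Constructed input: the question's bytes at an assumed address
     * 0x00401000 inside a 32-bit code segment. */
    static const uint8_t insn[] = { 0xE8, 0x32, 0xF6, 0xFF, 0xFF };
    const uint64_t addr = 0x00401000ULL;
    uint64_t target = 0;
    uint8_t out[CALL_REL32_LEN];

    if (decode_call_rel32(addr, insn, sizeof insn, 32, &target))
        printf("call at 0x%08" PRIx64 " -> 0x%08" PRIx64 "\n", addr, target);

    if (encode_call_rel32(addr, target, 32, out))
        printf("re-encoded: %02X %02X %02X %02X %02X\n",
               out[0], out[1], out[2], out[3], out[4]);
    return 0;
}
```

With the assumed address the program prints a target of 0x00400637 (0x00401005 - 0x9CE) and re-encodes it to the original five bytes. Note that E8 00 00 00 00 decodes to the address of the following instruction, which is why `call $+5` appears in position-independent shellcode as a way to get the current address onto the stack.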
Author: Michael
Updated on June 04, 2022

Comments
- Michael, almost 2 years ago: I need a helping hand in order to understand the following assembly instruction. It seems to me that I am calling an address at someUnknownValue += 20994A?

      E8 32F6FFFF - call std::_Init_locks::operator=+20994A
- Michael, about 12 years ago: Thank you so much. Your example is spot on!
- Rafa, about 9 years ago: @Matthew could the call instruction be more than 5 bytes long? (In an x86 architecture, can the next instruction be at <some address> + 6?) In what case?
- Vladislav Ivanishin, over 8 years ago: @Rafa, the relative-offset call instruction is 5 bytes, because the maximum relative offset must fit in 4 bytes. If the target is farther than 2**31 bytes away, mov reg, imm64; call reg is used.