x86 JMP opcode structure

c assembly x86 intel
10,400

This is a relative jump, meaning that the destination is given as relative to the next instruction.

This instruction is at address 0x411005 and takes 5 bytes, so the next instruction is at address 0x41100a. The relative amount to jump (encoded as little-endian, i.e. the bytes are stored from least significant to most significant) is 0x2136. So the destination of the jump is 0x41100a + 0x2136 = 0x413140.

Share:
10,400
Tony
Author by

Tony

Updated on August 25, 2022

Comments

  • Tony
    Tony over 1 year

    I'm just looking at the .text section of a simple exe I wrote in C, and I'm just trying to work out how some x86 opcodes are structured.

    From what I've been reading, it seems that 0xe9 is a single byte opcode for a relative jump (JMP), however I'm unsure how the rest of the bytes actually form the jump address.

    I'm using the super online disassembler ODA to disassemble my program, and this is what is displayed:

    .text:0x00411005    e936210000  jmp    0x00413140

    So 0xe9 is the JMP instruction, and as this is a 32-bit executable, I'm assuming the next four bytes are going to be the address for the jump, however I'm a little unsure as to how they are actually structured.

    If anyone could help shine some light on his, I'd appreciate it.

    Thanks

  • DADi590
    DADi590 almost 4 years
    Where could I find the part you said about little endian? (I believe and confirmed it myself right after having read this, but I needed to know about JNZ, which I found and I'm following the little endian again, but I'd like to know where you read that so I could know about the other instructions)
  • interjay
    interjay almost 4 years
    @DADi590 All instructions and their encodings are described in the Intel architecture manual volume 2.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

what does this instruction do?:- mov %gs:0x14,%eax
How hard is it (really) to decompile assembly code?
How might I convert Intel 80386 Machine Code to Assembly Language?
Help translating from assembly to C
Adding floating point/double numbers in assembly
Assembly Converting MOV / MOVZX and MOVSX to C code (no inline asm)
a Simple "Hello World" Inline Assembly language Program in C/C++
xorl %eax - Instruction set architecture in IA-32
LOCK prefix of Intel instruction. What is the point?
Causing a divide overflow error (x86)