问题
I am stepping through a function in AT&T assembly right now and can't figure out how this specific jmp command works.
jmp *0x804a140(,%eax,4)
How exactly is it using the %eax register and 4 with the jump instruction? I have never seen jmp used this way before.
回答1:
If you are confused by at&t syntax, switch your tool to intel mode.
The effective address you see is not specific to jumps, you could have encountered it with any instruction that takes a memory operand.
In intel syntax this would look like: jmp [0x804a140 + 4 * eax]. It's an indirect jump that fetches the jump target from memory address 0x804a140 + 4 * eax. This is probably an item in a so-called jump table.
来源:https://stackoverflow.com/questions/23418524/how-does-the-jmp-instruction-work-in-att-assembly-in-this-instance