
I have a very brief understanding of assembly and am confused as to what this code below does?

movl (%eax, %edx, 4), %ecx

My understanding is that %edx is being multiplied by 4 and then being added with the value of %eax and then being stored in %ecx. This is the table given with the values:

Register Values

The answer given is 0x11 however I don't get that answer.

SA97
  • In AT&T syntax the usage of `(..)` parentheses hints that memory content is being fetched/written. Unfortunately that rule is not followed everywhere; certain instructions enforce memory usage without `()` syntax (when the instruction doesn't make sense for non-memory usage). In Intel syntax the memory access is marked by `[]`, used much more rigorously with all (?) instructions (`lea` is kind of an exception, using the `mov` syntax but not accessing memory). So with AT&T syntax you have to read the instruction fully to tell whether memory is accessed or not, but with `()` it's a safe bet. – Ped7g Nov 16 '16 at 15:12

1 Answer


EDX is multiplied by four, added to EAX, a 4 byte value is read from memory at that address, and placed into ECX.

MOV, in general, doesn't perform arithmetic, unless it's address calculation.


In your particular case: edx = 3, eax = 0x100, temporary_address_in_CPU_during_mov = eax + edx * 4 = 0x100 + 3*4 = 0x10C. Value in memory at address 0x10C is 0x11.

This address arithmetic can itself be used through the lea instruction, where the CPU will do the address math, but instead of loading a value from memory it will just store the calculated address, so:

leal (%eax, %edx, 4), %ecx

will load ecx with the value 0x10C (without accessing memory). This is sometimes "tricked" for doing simple arithmetic, like eax = 5*eax : lea (eax,eax,4),eax (may be faster than imul and doesn't change the flags register, sometimes handy).

Ped7g
Seva Alekseyev
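The address calculation from the answer, modelled in C as an added example that is not part of the original post. The function names (`effective_address`, `lea32`, `movl_load`) and the memory image are hypothetical and constructed; only eax = 0x100, edx = 3 and the value 0x11 at address 0x10C come from the page.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed memory image: 32 bytes mapped at address 0x100. Only the dword
 * at 0x10C (0x11) comes from the page; every other byte is filler. */
#define MEM_BASE 0x100u
static const uint8_t mem[32] = {
    0xAA, 0xAA, 0xAA, 0xAA,  0xBB, 0xBB, 0xBB, 0xBB,   /* 0x100, 0x104 */
    0xCC, 0xCC, 0xCC, 0xCC,  0x11, 0x00, 0x00, 0x00,   /* 0x108, 0x10C */
    /* remaining bytes are zero-initialised */
};

/* (%base, %index, scale): base + index*scale, wrapping at 32 bits. */
uint32_t effective_address(uint32_t base, uint32_t index, uint32_t scale)
{
    return base + index * scale;   /* hardware only encodes scale 1, 2, 4, 8 */
}

/* leal (%base,%index,scale), %dst: keeps the address, never touches memory. */
uint32_t lea32(uint32_t base, uint32_t index, uint32_t scale)
{
    return effective_address(base, index, scale);
}

/* movl (%base,%index,scale), %dst: reads 4 little-endian bytes at the address.
 * Returns 0 on success, -1 if the access falls outside the modelled memory
 * (real hardware would read whatever is mapped there, or fault). */
int movl_load(uint32_t base, uint32_t index, uint32_t scale, uint32_t *dst)
{
    uint32_t addr = effective_address(base, index, scale);
    if (addr < MEM_BASE || addr - MEM_BASE > sizeof mem - 4)
        return -1;
    const uint8_t *p = &mem[addr - MEM_BASE];
    *dst = p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
    return 0;
}

int main(void)
{
    uint32_t eax = 0x100, edx = 3, ecx = 0;
    if (movl_load(eax, edx, 4, &ecx) == 0)
        printf("movl (%%eax,%%edx,4),%%ecx -> ecx = 0x%X\n", ecx);
    printf("leal (%%eax,%%edx,4),%%ecx -> ecx = 0x%X\n", lea32(eax, edx, 4));
    printf("lea (eax,eax,4),eax with eax = 7 -> %u\n", lea32(7, 7, 4));
    return 0;
}
```

The bounds check in `movl_load` exists only in this model: the real instruction performs no such check, so an index that is not validated by the surrounding code selects whatever address the arithmetic produces.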