
I understand what the other calls are doing, but when I get to line 36 I don't understand what is happening.

my 3 parameters are rsi = 5, rdx = 6, rcx = 7

On line 26 my %rax = 25, then on line 30 my rsi changes from 5 to 37.

Can you explain why this happens, and what is 0x40272e?

0x0000000000401212 <+0>:        sub    $0x8,%rsp                # rsp -= 8; makes rsp 16-aligned for the callq at <+61> (SysV entry has rsp%16 == 8)
0x0000000000401216 <+4>:        lea    -0x1(%rdx),%rax          # rax = rdx - 1  (lea is pure address arithmetic, no memory access)
0x000000000040121a <+8>:        cmp    $0xf,%rax                # compare rax with 0xf = 15 (decimal 15, not -1); only sets flags
0x000000000040121e <+12>:   ja     0x40124f <phase_3+61>    # if ((unsigned)rax > 15) goto explode; ja is unsigned, so rdx must be 1..16 (rdx==0 wraps and fails too)
0x0000000000401220 <+14>:   cmp    $0x2,%rdi                # compare rdi with 2
0x0000000000401224 <+18>:   jle    0x40124f <phase_3+61>    # if ((signed)rdi <= 2) goto explode; jle is the SIGNED compare
0x0000000000401226 <+20>:   cmp    $0xa,%rsi                # compare rsi with 0xa = 10
0x000000000040122a <+24>:   ja     0x40124f <phase_3+61>    # if ((unsigned)rsi > 10) goto explode
0x000000000040122c <+26>:   lea    (%rsi,%rsi,4),%rax       # rax = rsi + rsi*4 = 5 * rsi  (still no load; rsi=5 gives rax=25)
0x0000000000401230 <+30>:   movzwl 0x40272e(,%rax,4),%esi   # esi = *(uint16_t *)(0x40272e + rax*4), zero-extended to 32 bits; writing esi zeroes the upper half of rsi. 0x40272e is the base of a table in memory, presumably a 16-bit const array; the 37 seen here is the table entry at byte offset rax*4, not an arithmetic result
0x0000000000401238 <+38>:   movsbq 0x402801(,%rdx,4),%rax   # rax = *(int8_t *)(0x402801 + rdx*4), sign-extended to 64 bits (a second table, indexed by rdx)
0x0000000000401241 <+47>:   xor    %rax,%rsi                # rsi ^= rax; ZF is set iff the two loaded values were equal
0x0000000000401244 <+50>:   sete   %al                      # al = ZF, i.e. 1 if rsi == rax before the xor, else 0
0x0000000000401247 <+53>:   movzbl %al,%eax                 # rax = al zero-extended (0 or 1): the candidate return value
0x000000000040124a <+56>:   cmp    %rcx,%rsi                # compare the xor result with the third argument rcx
0x000000000040124d <+59>:   je     0x40125b <phase_3+73>    # if (rsi == rcx) skip the explosion and return
0x000000000040124f <+61>:   callq  0x401b17 <bomb_explodes> # target of every failed check above, and fall-through when rsi != rcx
0x0000000000401254 <+66>:   mov    $0xffffffffffffffff,%rax # rax = -1; only reached if bomb_explodes returns
0x000000000040125b <+73>:   add    $0x8,%rsp                # undo the sub at <+0>
0x000000000040125f <+77>:   retq                            # return rax (0/1 from sete, or -1)
    `movzwl 0x40272e(,%rax,4),%esi`. The `0x40272e(,%rax,4)` is a memory operand. So the data for the instruction is moved from memory address 0x40272e+%rax*4 to the destination. In this case movzwl will move the 2 bytes (word) at memory address 0x40272e+%rax*4 zero extend it to 32-bits (long) and store that value in _ESI_ – Michael Petch Nov 04 '18 at 23:32
    I'd just like to note that `0xf` is 15 in decimal, not -1. – melpomene Nov 04 '18 at 23:36
  • I should have noted that since ESI is a 32-bit register the result will be automatically zero extended by the processor across the entire 64-bit register RSI. This is true when in 64-bit mode and the destination is a 32-bit general purpose register. – Michael Petch Nov 04 '18 at 23:55
    if you understand `lea -0x1(%rdx),%rax` then `movzwl 0x40272e(,%rax,4),%esi` or any other memory-access instructions use the same syntax [What does "movl $0x4050, (%eax)" do?](https://stackoverflow.com/q/27159118/995714), [What does 0x4 do in "movl $0x2d, 0x4(%esp)"?](https://stackoverflow.com/q/2386684/995714), [assembly leal and movl difference](https://stackoverflow.com/q/13517083/995714) – phuclv Nov 05 '18 at 01:07
    *and what is 0x40272e* Probably a `const` array (of 16-bit unsigned integers) in the `.rodata` section; notice that your code addresses are nearby, like `0x401212` – Peter Cordes Nov 05 '18 at 01:59
