
I can't for the love of me figure this one out. I'd assume the instruction `lea 0x0(,%rcx,4),%esi`

to mean "set %esi to the result of multiplication of %rcx by 4". But that's not it. So what does it mean? It's odd in the first place that the offset is 0x0 and that mul isn't used instead...

EDIT: I think something is implicitly used as a base. But I don't know what.

Michael Petch
swaggg
    0 is used as the base. It is 0+[0+rcx*4]. What makes you think otherwise? What value do you get for ESI? What was the value of RCX before the instruction executed? – Michael Petch Jul 27 '21 at 08:42
    “set %esi to the result of multiplication of %rcx by 4” – this is exactly what this instruction does. Could it perhaps be subject to a relocation not filled in yet? – fuz Jul 27 '21 at 08:57
    See my answer :). – swaggg Jul 27 '21 at 08:59

1 Answer


It was my mistake. I overlooked the fact the destination is marked as 32-bit. What this means is if the result of the multiplication is higher than that, it will get cut off.

So if you have some long value such as 2400923063, 2400923063*4=0x23c6cb6dc, but then the last half-byte will get cut off, and you will get 0x3c6cb6dc as the result (1013757660).

swaggg
    Yup, the net result is just a simple left-shift by 2. The reason for using `lea` instead of `shl` is to non-destructively put the result in another register instead of modifying ECX. (In your question, you say "odd that mul isn't used instead", but that would be insane for a power of 2, unless you're optimizing for code-size over speed, then yes `imul $4, %ecx, %esi` might be even more compact than `mov` + `shl`.) [Using LEA on values that aren't addresses / pointers?](https://stackoverflow.com/a/46597375) / [Efficient Assembly multiplication](https://stackoverflow.com/q/59227227) – Peter Cordes Jul 27 '21 at 09:15
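
The truncation described in the answer, as an added C model that is not part of the original posts. It generalizes slightly to the full `disp(base,index,scale)` address form; the function names `lea_model`, `lea_rcx4_esi` and `lea_rcx4_rsi` are hypothetical, and only 32-bit and 64-bit destinations are modelled.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Added example: model of x86-64 LEA with 64-bit address size.
 * The effective address disp + base + index*scale is computed modulo 2^64.
 * With a 64-bit destination the whole value is kept; with a 32-bit
 * destination only the low 32 bits are kept and the upper half of the
 * full register is zeroed, so the return value is the full register. */
uint64_t lea_model(int64_t disp, uint64_t base, uint64_t index,
                   unsigned scale, unsigned dst_bits)
{
    /* Unsigned arithmetic wraps modulo 2^64, matching the hardware. */
    uint64_t ea = (uint64_t)disp + base + index * (uint64_t)scale;

    if (dst_bits == 32)
        return ea & UINT64_C(0xffffffff); /* bits 32..63 are discarded */
    return ea;                            /* 64-bit destination */
}

/* lea 0x0(,%rcx,4),%esi : no base register, index = rcx, scale = 4, disp = 0 */
uint64_t lea_rcx4_esi(uint64_t rcx)
{
    return lea_model(0, 0, rcx, 4, 32);
}

/* lea 0x0(,%rcx,4),%rsi : same address expression, 64-bit destination */
uint64_t lea_rcx4_rsi(uint64_t rcx)
{
    return lea_model(0, 0, rcx, 4, 64);
}

int main(void)
{
    uint64_t rcx = UINT64_C(2400923063); /* the value used in the answer */

    printf("rcx*4 into %%rsi: 0x%" PRIx64 "\n", lea_rcx4_rsi(rcx));
    printf("rcx*4 into %%esi: 0x%" PRIx64 " (%" PRIu64 ")\n",
           lea_rcx4_esi(rcx), lea_rcx4_esi(rcx));
    return 0;
}
```

The same wraparound applies to any 32-bit `count * 4` computation: once `count` exceeds 0x3fffffff the product no longer fits and the stored value is smaller than the true one.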