0
add    -0x4(%rsp,%rbx,4),%eax

cmp    %eax,(%rsp,%rbx,4)

I got confused by this two lines, I know it is adding the first one and saving the value into eax, but I don't know how to read/think about the first part of adding. And same thing for the compare I don't really understand what I'm comparing

Peter Cordes
  • 328,167
  • 45
  • 605
  • 847
Face GHost
  • 1
  • 1
    Depending on where that assembly comes from (whether you dumped it with the compiler, or it comes from elsewhere). If you generated it with, e.g. `gcc -S`, you may find reading Intel format a bit easier (I know I do, but it's just a personal preference). Regardless, if you generated it, you can add `-masm=intel` as an option and it will generate Intel syntax. If you were just handed the assembly, you are stuck with ATT. – David C. Rankin Oct 27 '22 at 06:39
  • The *Indexed Addressing* for the *source* address in the first line is `base_address(offset_address, index, size)` – David C. Rankin Oct 27 '22 at 06:47

1 Answers1

-3

This syntax belongs to at&t. -0x4(%rsp,%rbx,4) on first line so for sum the values ​​in the brackets and multiply by -4. sums with eax and the result of eax changes

add    -0x4(%rsp,%rbx,4),%eax

That means

eax = (rsp+rbx*4) - 4 + eax

The bottom line means:

cmp    %eax,(%rsp,%rbx,4)

cmp is the compare command. Greater than, less than, or equal to. Comparing eax with (rsb+rbx+4). As a result, the following flags change enter image description here

ali
  • 17
  • 5
  • 1
    `-0x4(%rsp,%rbx,4)` means `rsp+rbx*4 - 4`. `cmp` also has the AT&T inverted operands order, so the table is wrong for AT&T. Also there are more flags that CF, ZF, SF and `cmp` is just a discarded-result `sub`. – Margaret Bloom Oct 27 '22 at 07:28
  • Actually I am using intel syntax. And I more or less knew what At&T looked like. thanks for the fix – ali Oct 27 '22 at 07:59
  • 1
    The number outside the parentheses is a displacement, not a multiplier. The third clause **in** the parentheses is a multiplier however, but only for the second clause. – ecm Oct 27 '22 at 09:08
  • 1
    See [A couple of questions about \[base + index\*scale + disp\] and AT&T disp(base, index, scale)](https://stackoverflow.com/q/27936196) re: AT&T addressing modes. `add -0x4(%rsp,%rbx,4),%eax` is `add eax, [rsp+rbx*4 - 4]`, as an assembler + disassembler could tell you. – Peter Cordes Oct 27 '22 at 11:51