ldr r0,=something … something: means load the address of the label something into the register r0. The assembler then adds a word somewhere in reach of the ldr instruction and replaces it with a ldr r0,[pc,#offset] instruction So this shortcut ldr r0,=0x12345678 means load 0x12345678 into r0. being mostly fixed length instructions, you cant load … Read more
Something i found * EAX – Accumulator Register * EBX – Base Register * ECX – Counter Register * EDX – Data Register * ESI – Source Index * EDI – Destination Index * EBP – Base Pointer * ESP – Stack Pointer
leal, or lea full name is “Load effective address” and it does exactly this: It does an address calculation. In your example the address calculation is very simple, because it just adds a offset to ebx and stores the result in eax: eax = ebx + 0x10 lea can do a lot more. It can … Read more
In this case, the $ means the current address according to the assembler. $ – msg is the current address of the assembler minus the address of msg, which would be the length of the string.
Bottom line (TL;DR): LFENCE alone indeed seems useless for memory ordering, however it does not make SFENCE a substitute for MFENCE. The “arithmetic” logic in the question is not applicable. Here is an excerpt from Intel’s Software Developers Manual, volume 3, section 8.2.2 (the edition 325384-052US of September 2014), the same that I used in … Read more
Most Windows process (*.exe) are loaded in (user mode) memory address 0x00400000, that’s what we call the “virtual address” (VA) – because they are visible only to each process, and will be converted to different physical addresses by the OS (visible by the kernel / driver layer). For example, a possible physical memory address (visible … Read more
[L1] means the memory contents at address L1. After running mov al, [L1] here, The al register will receive the byte at address L1 (the letter ‘w’).
rep; nop is indeed the same as the pause instruction (opcode F390). It might be used for assemblers which don’t support the pause instruction yet. On previous processors, this simply did nothing, just like nop but in two bytes. On new processors which support hyperthreading, it is used as a hint to the processor that … Read more
TL:DR: MARS tooltips are misleading; you need to disable auto-alignment for the rest of the section using .align 0. You can’t just under-align the next word. .align 1 does align by 2, that’s not the problem. e.g. try it between .byte or .ascii pseudo-instructions. e.g. this source produces 0x00110062 as the first word of the … Read more
edi and esi are the two arguments to func4. This is according to standard calling convention, but can also be deduced from the fact that these registers are used without initialization, so their value must come from outside. As such, the prototype is int func4(int a, int b). Line +23 check to see if a … Read more