Reputation: 779
Understanding disassembler: See how many bytes are used for add
I disassembled a program (with objdump -d a.out) and now I would like understand what the different sections in a line like
400586: 48 83 c4 08 add $0x8,%rsp
stand for. More specifically I would like to know how you can see how many bytes are used for adding two registers. My idea was that the 0x8 in add $0x8,%rsp, which is 8 in decimal gives me 2 * 4 so 2 bytes for adding 2 registers. Is that correct?
PS: compiler is gcc, OS is suse linux
Upvotes: 1
Views: 241
Answers (1)
Reputation: 14409
In the second column you see 48 83 c4 08. Every two-digit hex-number stands for one byte, so the amount of bytes is four. The last 08 correlates to $0x8, the other three bytes are the machine code for "add an 8-bit constant to RSP" (for pedantic editors: Intel writes its registers upper case). It's quite difficult to deconstruct the machine code, but your assumption is completely wrong.
Upvotes: 3
Related Questions
- Why gcc -O0 allocating extra space for local variable (16 instead of 8 bytes)?
- How would you explain this disassembly listing?
- What are these extra instructions when disassembling simple binary?
- Compilers: Understanding assembly code generated from small programs
- Trying to understand simple disassembled code from g++
- How does a disassembler work and how is it different from a decompiler?
- learning disassembly
- Trying to understand assembly code
- Size of Variables in x86
- Explanation of the disassembly of the simplest program (x86)