unconditional direct jump not permitted in 64 bit?

rblampain · 06-17-2014, 06:34 AM

(my previous problems with jumps were errors in my code)
My laptop fails on a "jmp" instruction in Nasm 64 (simply ignores it although it compiles and links). Googling, I found a lot of confusing info: "there is no such instruction" and some indirect way to do this although it is 32 bit examples.
The manual makes reference to "rip" but if this needs to be part of the instruction, I have no idea how to do it.

I have seen this 32 bit code that's supposed to do the trick (in 32 bits):

Code:

	call	next_line
next_line:
	pop	eax

Can someone tell me if a "jmp label" instruction should work if "label:" previously exists (in which case the error is likely to be in the code).

Thank you for your help.

NevemTeve · 06-17-2014, 07:12 AM

Please paste a short program that shows the problem, also its Assembly listing (-l option of nasm).

mina86 · 06-17-2014, 08:21 AM

“jmp label” and “call label” should both work fine.

http://www.intel.com/Assets/en_US/PDF/manual/253666.pdf describes CALL and JMP instructions and here's gist of it:

Code:

| Opcode | Instr-     | Op/ | 64-Bit | Compat/  | Description                   |
|        | uction     | En  | Mode   | Leg Mode |                               |
|--------+------------+-----+--------+----------+-------------------------------|
| E8 cd  | CALL rel32 | B   | Valid  | Valid    | Call near, relative,          |
|        |            |     |        |          | displacement relative to      |
|        |            |     |        |          | next instruction. 32-bit      |
|        |            |     |        |          | displacement sign extended    |
|        |            |     |        |          | to 64-bits in 64-bit mode.    |
|--------+------------+-----+--------+----------+-------------------------------|
| FF /2  | CALL r/m64 | B   | Valid  | N.E.     | Call near, absolute indirect, |
|        |            |     |        |          | address given in r/m64.       |
|--------+------------+-----+--------+----------+-------------------------------|
| E9 cd  | JMP rel32  | A   | Valid  | Valid    | Jump near, relative, RIP =    |
|        |            |     |        |          | RIP + 32-bit displacement     |
|        |            |     |        |          | sign extended to 64-bits      |
|--------+------------+-----+--------+----------+-------------------------------|
| FF /4  | JMP r/m64  | B   | Valid  | N.E.     | Jump near, absolute indirect, |
|        |            |     |        |          | RIP = 64-Bit offset from      |
|        |            |     |        |          | register or memory            |
|--------+------------+-----+--------+----------+-------------------------------|

PS. I assume you are aware of the differences between the two.

johnsfine · 06-17-2014, 08:28 AM

Quote:

Originally Posted by rblampain

(my previous problems with jumps were errors in my code)
My laptop fails on a "jmp" instruction in Nasm 64 (simply ignores it although it compiles and links).

I don't believe that is true. The previous problems that led you to the same conclusion (jmp not working) were logic errors in the code and the jmp was fine.
http://www.linuxquestions.org/questi...ng-4175507845/

Quote:

I found a lot of confusing info: "there is no such instruction"

That is because you almost never need a direct jmp. You almost always use a relative jmp. In asm a relative jmp and a direct jmp may look the same. In modes where both are possible, the assembler must choose which is appropriate.

Quote:

Can someone tell me if a "jmp label" instruction should work if "label:" previously exists

The assembler is multi-pass so the label will be understood whether it is earlier in the source code or later.

"jmp label" will be a relative (rather than direct) jmp whenever the label is in the same link time segment as the jmp instruction.

What kind of jmp is required may be more complicated when the destination is in a different link time segment. The assembler plus the linker and/or loader might do some tricky things so a relative jmp still works, or you might have a problem.

rblampain · 06-18-2014, 09:22 AM

Thank you for your answers.

I am reluctant to put the listing of the assembly code as it is 267 lines long and I suspect my mistake is probably very obvious as described below. However I will do so if absolutely necessary.
It looks like my code is not laid out correctly. This is the result of "strace".

Code:

strace ./test
execve("./test", ["./test"], [/* 30 vars */]) = 0
open("testFile", O_RDONLY)              = 3
read(3, "Benzodiazepines\ncl\nfix\ngulp\nligh"..., 496) = 495
write(1, "Got there OK.\n\16Found byte 0\n\fRes"..., 7070761840551085582) = -1 EFAULT (Bad address)
_exit(0)                               = ?

"Got there OK." and "Found byte 0" and "Res..." are messages described below (I only have a short need for assembly and no time to learn how to use the debugger.)

The code is laid out as follows:

Code:

section .text
global _start
_start:                     ; ELF entry point
%include "open_read"        ; OK
some working code here - checked every line of it
%include "exit"             ; must be first
;These are subroutines
%include "convert"
%include "bindec"
%include "errors"
;
section .data
%include "messages"
%include "definitions"

I think the "error" block (%include "errors") or the "messages" block (%include "messages") or both is the problem as I laid them one after the other in a way that is not compatible for the assembler but I can't figure out and I cant find what the correct way of doing it is. The blocks are as follows:

Code:

error000:
mov rax, 1              ; sys_write
mov rdi, 1              ; STDOUT
mov rsi, message000        ; buffer
mov rdx, [message000L]  ; length of buffer
syscall
; This was tested with and without the exit code below because this exit code does not have a "ret" which I thought did not matter.
mov rax, 60             ; sys_exit
xor rdi, rdi            ; 0
syscall

error001:
mov rax, 1              ; sys_write
mov rdi, 1              ; STDOUT
mov rsi, message001        ; buffer
mov rdx, [message001L]  ; length of buffer
syscall
call exit

This is repeated a number of times.

Code:

message000: db 'Got there OK.', 10
message000L: db 14

message001: db 'Found byte 0', 10
message001L: db 12

This is also repeated the same number of times.

NevemTeve · 06-18-2014, 09:58 AM

Where is the "non working jmp statement"?
Here is a nasm's Assembly listing with a jmp in it:

Code:

    17 0000002A E900000000                      jmp     over
    18 0000002F B83C000000              over:   mov     eax, 60
    19 00000034 4831FF                          xor     rdi, rdi
    20 00000037 0F05                            syscall

ntubski · 06-18-2014, 10:53 AM

Code:

write(1, "Got there OK.\n\16Found byte 0\n\fRes"..., 7070761840551085582) = -1 EFAULT (Bad address)
...
error000:
mov rsi, message000        ; buffer
mov rdx, [message000L]  ; length of buffer
...
message000: db 'Got there OK.', 10
message000L: db 14

I believe mov rdx, [message000L] would read 8 bytes starting from the location labeled message000L, but db 14 only 14 into a single byte, the following 7 bytes are whatever happen to be there. That's why the length parameter is wrong in the write syscall. You should use dq to make an 8 byte length (alternatively, change the code to read a single byte).

rblampain · 06-19-2014, 04:55 AM

Thank you ntubski, you are correct, I changed:

Code:

message000L: db 14

to:

Code:

message000L: dq 14

and strace is now:

Code:

$ strace ./test
execve("./test", ["./test"], [/* 30 vars */]) = 0
open("testFile", O_RDONLY)              = 3
read(3, "Benzodiazepines\ncl\nfix\ngulp\nligh"..., 496) = 495
write(1, "Got there OK.\n", 14Got there OK.
)         = 14
_exit(0)                                = ?