I was just checking the disassembly of my C++ program in VS2010. Here it is:
int main()
{
00B613A0 push ebp
00B613A1 mov ebp,esp
00B613A3 sub esp,0D4h
00B613A9 push ebx
00B613AA push esi
00B613AB push edi
00B613AC lea edi,[ebp-0D4h]
00B613B2 mov ecx,35h
00B613B7 mov eax,0CCCCCCCCh
00B613BC rep stos dword ptr es:[edi]
00B613BE mov eax,dword ptr [___security_cookie (0B67000h)]
00B613C3 xor eax,ebp
00B613C5 mov dword ptr [ebp-4],eax
char temp[] = "hello";
00B613C8 mov eax,dword ptr [string "hello" (0B6573Ch)]
00B613CD mov dword ptr [ebp-10h],eax
00B613D0 mov cx,word ptr ds:[0B65740h]
00B613D7 mov word ptr [ebp-0Ch],cx
return 0;
00B613DB xor eax,eax
}
The lines in question are:
00B613BC rep stos dword ptr es:[edi]
00B613D0 mov cx,word ptr ds:[0B65740h]
I do not get why they use dword ptr es:[edi] and word ptr ds:[0B65740h]. Although I'm aware of what dword ptr means, I do not get the last part that is added, :es and :ds. I have seen this syntax quite a few times now to let it go unnoticed.
Thanks,
Devjeet
These are just artifacts of the disassembler. The ES segment register is already the default segment register used by the STOS instruction, and the DS segment register is already the default segment register used for that MOV instruction. Hard to call it a bug, but it is certainly unnecessary and inconsistently applied. I reckon that this is triggered by the REP prefix for the STOS instruction and the operand size prefix for that MOV instruction (16 bits instead of 8 or 32). A segment override is also a prefix.
32-bit code uses the flat memory model, the ES, DS, CS and SS segment registers map the entire 4 gigabyte address space. So there is very little reason to need a segment register override. Very different from 16-bit code where the segment registers are important to allow addressing more than 64 KB of memory. You will see segment overrides for the FS register in exception handling code. It points to the Thread Information Block, FS:[0] contains the current SEH frame.
ES is implied as the destination segment for the repeated string operations, but since DS and ES are guaranteed to always be the same on WIN32, it doesn't really matter if the ES override is present (explicit or implied).
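Both answers come down to one point: the es: and ds: in the listing do not correspond to any segment-override prefix byte, while REP and the operand-size prefix do. The small classifier below is an added example (not code from the question or either answer): it splits the legacy prefix bytes off a 32-bit x86 instruction and reports which segment the memory operand really uses once defaults are applied. The byte sequences are hand-assembled encodings of instructions from the listing above, plus one constructed FS-override instruction of the SEH kind the first answer mentions; they are assumptions about the encoding, not bytes copied from VS2010. The opcode tables cover only the handful of instructions in the listing.

```python
"""Classify the legacy prefix bytes of 32-bit x86 instructions.

Added example (not from the original question or answers). The byte
sequences in LISTING are hand-assembled encodings of instructions from
the listing in the question, plus one constructed FS-override example;
they are assumed encodings, not bytes copied from the VS2010 output.
"""

SEGMENT_OVERRIDES = {0x26: "ES", 0x2E: "CS", 0x36: "SS", 0x3E: "DS", 0x64: "FS", 0x65: "GS"}
OTHER_PREFIXES = {0xF0: "LOCK", 0xF2: "REPNE", 0xF3: "REP", 0x66: "OPSIZE", 0x67: "ADDRSIZE"}

# String instructions with a single implicit memory operand. The ES:[EDI]
# destination of STOS/SCAS is fixed by the opcode and cannot be overridden.
IMPLICIT_SEGMENT = {
    0xAA: "ES", 0xAB: "ES",  # STOSB / STOSD
    0xAE: "ES", 0xAF: "ES",  # SCASB / SCASD
    0xAC: "DS", 0xAD: "DS",  # LODSB / LODSD (DS:[ESI], overridable)
}
MOFFS_OPCODES = {0xA0, 0xA1, 0xA2, 0xA3}             # MOV AL/EAX <-> [disp32], DS default
MODRM_OPCODES = {0x88, 0x89, 0x8A, 0x8B, 0x8D, 0x31, 0x33}


def split_prefixes(code):
    """Return (list of prefix bytes, remaining bytes starting at the opcode)."""
    i = 0
    while i < len(code) and (code[i] in SEGMENT_OVERRIDES or code[i] in OTHER_PREFIXES):
        i += 1
    return list(code[:i]), code[i:]


def default_segment_from_modrm(modrm, sib):
    """Default segment of a ModRM memory operand in 32-bit mode, or None when
    the operand is a register. EBP/ESP-based addressing defaults to SS."""
    mod, rm = modrm >> 6, modrm & 7
    if mod == 3:
        return None
    if rm == 4:                                 # SIB byte follows
        base = sib & 7
        if base == 4 or (base == 5 and mod != 0):
            return "SS"
        return "DS"
    if rm == 5:
        return "DS" if mod == 0 else "SS"       # mod 0 = absolute disp32, else EBP+disp
    return "DS"


def describe(code):
    """Summarise one instruction: its prefix names, the explicit segment
    override (or None) and the segment the CPU actually uses."""
    prefixes, rest = split_prefixes(code)
    names = [SEGMENT_OVERRIDES.get(p) or OTHER_PREFIXES[p] for p in prefixes]
    overrides = [SEGMENT_OVERRIDES[p] for p in prefixes if p in SEGMENT_OVERRIDES]
    override = overrides[-1] if overrides else None
    opcode = rest[0]

    if opcode in IMPLICIT_SEGMENT:
        default = IMPLICIT_SEGMENT[opcode]
        overridable = default != "ES"
    elif opcode in MOFFS_OPCODES:
        default, overridable = "DS", True
    elif opcode in MODRM_OPCODES:
        sib = rest[2] if len(rest) > 2 else 0
        default = default_segment_from_modrm(rest[1], sib)
        overridable = default is not None
    else:
        default, overridable = "unknown", True   # opcode not in the small tables above

    segment = override if (override and overridable) else default
    return {"prefixes": names, "opcode": opcode, "override": override, "segment": segment}


# (text as the disassembler shows it, hand-assembled bytes). The last line is a
# constructed example of an explicit FS override, not from the question's listing.
LISTING = [
    ("mov eax,dword ptr [___security_cookie (0B67000h)]", "A10070B600"),
    ("xor eax,ebp",                                       "33C5"),
    ("mov dword ptr [ebp-4],eax",                         "8945FC"),
    ("rep stos dword ptr es:[edi]",                       "F3AB"),
    ("mov cx,word ptr ds:[0B65740h]",                     "668B0D4057B600"),
    ("mov eax,dword ptr fs:[0]  (constructed)",           "64A100000000"),
]


def analyse_listing(listing=LISTING):
    """Return (text, prefix names, override, effective segment) for each line."""
    rows = []
    for text, hexbytes in listing:
        r = describe(bytes.fromhex(hexbytes))
        rows.append((text, r["prefixes"], r["override"], r["segment"]))
    return rows


if __name__ == "__main__":
    for text, prefixes, override, segment in analyse_listing():
        print(f"{text:<52} prefixes={prefixes} override={override} segment={segment}")
```

Running it shows that the two lines from the question carry only a REP (F3) and an operand-size (66) prefix respectively, with no override byte, so the es: and ds: are the hardware defaults the disassembler chose to spell out; the [ebp-4] store defaults to SS without anything being printed, and only the constructed fs:[0] line contains a real override byte (64). Note also that a DS override placed in front of STOS is ignored, because the ES:[EDI] destination of string stores is not overridable.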