From: JJ on
Hi all,

this is probably a dumb question to most folks here, in which case
apologies for that.

I have seen this word "offset" in hex editors and wanted to know what
it means. Or to put it in other words, I know that the generic
definition for the word in the english language is something like
"displacement". But what does it mean in hex editors and in assembler
programming?

If it refers to displacement then displacement from what..?

Thanks very much!

cheers




From: Alexei A. Frounze on
On May 9, 2:40 pm, JJ <sa...(a)nospicedham.temporaryinbox.com> wrote:
> Hi all,
>
> this is probably a dumb question to most folks here, in which case
> apologies for that.
>
> I have seen this word "offset" in hex editors and wanted to know what
> it means. Or to put it in other words, I know that the generic
> definition for the word in the english language is something like
> "displacement". But what does it mean in hex editors and in assembler
> programming?
>
> If it refers to displacement then displacement from what..?

From the beginning of the file, usually.

Alex
From: Frank Kotler on
JJ wrote:
> Hi all,
>
> this is probably a dumb question to most folks here, in which case
> apologies for that.

No, no, no... the *hard* questions are the ones you want to apologize
for! :)

> I have seen this word "offset" in hex editors and wanted to know what
> it means. Or to put it in other words, I know that the generic
> definition for the word in the english language is something like
> "displacement". But what does it mean in hex editors and in assembler
> programming?
>
> If it refers to displacement then displacement from what..?

I would have said "from the beginning of the segment". An address on x86
consists of a segment and an offset - often written "segment:offset" -
"0000:7C00h", for example. In real mode, the value in the segment
register is multiplied by sixteen - this is the segment "base". This
number is added to the "offset" part of the address to form the linear
address. In protected mode, the value in a segment register is a
"selector", which serves as an index into an array of "descriptors",
each of which has a "base" field. This "base" (most often, but not
always, zero) is added to the "offset" part of the address to form the
linear address. So the "offset" is from the segment "base"...

However, as Alex pointed out, it can be interpreted in other ways. In
the context of a hex editor, "from the beginning of the file" is most
likely correct. Harder question than I realized! :)

In some circles, "offset" has to do with CO2! :)

Best,
Frank
From: Bernhard Schornak on
JJ wrote:

> Hi all,
>
> this is probably a dumb question to most folks here, in which case
> apologies for that.
>
> I have seen this word "offset" in hex editors and wanted to know what
> it means. Or to put it in other words, I know that the generic
> definition for the word in the english language is something like
> "displacement". But what does it mean in hex editors and in assembler
> programming?
>
> If it refers to displacement then displacement from what..?

An offset generally is the 'distance' from a
'reference point'. The reference point could
be anything, e.g.: the left bottom edge of a
sheet of paper lying on your desktop. If you
measured its width [x] as 100 and its height
[y] as 200 (whatever) units, its center will
be at offsets 50[x] and 100[y]. That is: You
had to draw one vertical line at 50[x] and a
horizontal line at 100[y] to mark the center
(where both lines cross each other).

The same applies to memory locations in your
computer. Physical memory is addressed using
continuously ascending numbers (= adresses).
Programs and allocated (reserved for private
use) memory blocks usually are accessed with
offsets (distances) to the first byte in the
program or memory block, our reference point
called 'base'. In case of programs, this re-
ference point is loaded into CS:rIP when the
program is started. In case of allocated me-
mory, the address of the first byte in that
block is our reference point. Usually, it is
stored in a register and any byte within the
block is addressed as an offset to this base
register. In iNTEL-speak, 'offset' is called
'displacement', but 'distance' might be more
picturesque and, hence, comprehensible.

The real advantage of offsets is their inde-
pencence from any real location. While their
reference points must be known locations, an
offset always is related to a reference - we
might use it to access multiple locations by
simply exchanging the reference (base).


Greetings from Augsburg

Bernhard Schornak
From: s_dubrovich on
On May 9, 8:53 pm, Frank Kotler <fbkot...(a)nospicedham.myfairpoint.net>
wrote:
> JJ wrote:
> > Hi all,
>
> > this is probably a dumb question to most folks here, in which case
> > apologies for that.
>
> No, no, no... the *hard* questions are the ones you want to apologize
> for! :)
>
> > I have seen this word "offset" in hex editors and wanted to know what
> > it means. Or to put it in other words, I know that the generic
> > definition for the word in the english language is something like
> > "displacement". But what does it mean in hex editors and in assembler
> > programming?
>
> > If it refers to displacement then displacement from what..?
>
> I would have said "from the beginning of the segment". An address on x86
> consists of a segment and an offset - often written "segment:offset" -
> "0000:7C00h", for example. In real mode, the value in the segment
> register is multiplied by sixteen - this is the segment "base". This
> number is added to the "offset" part of the address to form the linear
> address. In protected mode, the value in a segment register is a
> "selector", which serves as an index into an array of "descriptors",
> each of which has a "base" field. This "base" (most often, but not
> always, zero) is added to the "offset" part of the address to form the
> linear address. So the "offset" is from the segment "base"...
>
> However, as Alex pointed out, it can be interpreted in other ways. In
> the context of a hex editor, "from the beginning of the file" is most
> likely correct. Harder question than I realized! :)
>

Yeah, why is it that the 'simple' ones aren't so simple?

'offset' for segmented code can also mean from the beginning of the
segment, such as 'code', 'data', or 'stack'.

Not mentioned so far is 'offset' in regards to assembler syntax.
Here 'offset' usually means address of an identifier, such as:

mov ax, MyIdent ;; MyIdent's value
..vs.
mov ax, offset MyIdent ;; MyIdent's address


> In some circles, "offset" has to do with CO2! :)

I'd like better "offsets" to my "liabilities" too! :)

Steve

>
> Best,
> Frank