assembly - i386 Assembler Instruction Encoding -

-

i trying understand how instructions in programs compiled i386/x86 encoded (i use http://ref.x86asm.net/coder32.html reference), can't seem grip on issue, despite rather documentation. if explain me, i'd happy it.

until have gathered instruction encoded this:

prefix (1 byte) [optional] opcode (1 or 2 byte, depending on prefix) modr/m (1 byte) [optional] sib (1 byte) [optional] displacement (1-4 bytes) [optional] immediate value (1-4 bytes) [optional]

the optional parameters depend on actual operation execute, resp. opcode.

let's assume have following instruction, plain , simple:

6a 4d     push   4dh

that okay me, understand that. 6a opcode 8-byte intermediate value of 4dh.

let's go further down road:

51     push    ecx

same deal, opcode being 50 + 1 ecx register r32 operand.

but one?

ff 15 f8 2a 42 00     call   dword ptr ds:0x422af8

i understand first byte opcode call, second modr/m mod == 00, reg == 010 , r/m == 101, specifies displacement follows, last 4 bytes of f8 2a 42 00.

what not understand 2 things:

first, according table in link mentioned above, ff opcode can have multiple purposes, variants of push, call or jmp. difference seems called "opcode extension", '2' example here. encoded? how disassembler know ff call, , not ff jmp?

secondly, why operand displacement of ds segment? default instruction, or encoded somewhere, too? segment-override-bytes have that?

as versed among noticed pretty novice in area, , had think putting post here people get kinda bossy or patronizing "dull" question, use here.

if understanding of things wrong, please correct me, , if cares explain how encoding works i'd appreciate it.

thanks in advance!

instead of terse online material, should read official intel instruction set reference explained in detail. let me quote relevant paragraph:

/digit -- digit between 0 , 7 indicates modr/m byte of instruction uses r/m (register or memory) operand. reg field contains digit provides extension instruction's opcode.

note in case modr/m byte 0x15 have parsed wrong. it's 0001 0101 in binary means mod=00, reg=010 , r/m=101. can see, reg field indeed 2, encoding proper opcode extension.

as segment question: yeah, instructions accessing memory have default segment associated them can overridden prefix. disassembler may or may not show default segment. prefer if shows segment if actual override present.


Comments

Post a Comment

Popular posts from this blog

windows - Single EXE to Install Python Standalone Executable for Easy Distribution -

-
i used pyinstaller create standalone exe file pyqt project. did not use single file option because exe created single file option takes long open. therefore, pyinstaller created dist folder contains bunch of files including program.exe file. create setup.exe file place contents of dist folder in program directory , create shortcut in start menu , on desktop. want super simple user. maybe setup.exe files when download program cnet. found inno-setup, looks promising. however, not know if there special considerations because program standalone program create python/pyqt program. thanks! have experience task? there program using task not know about? inno-setup or nsis easiest use. tell them files include , put them , create nice installer you. wrote short tutorial on experiences using innosetup might find helpful: http://www.blog.pythonlibrary.org/2008/08/27/packaging-wxpymail-for-distribution/ note tutorial based around wxpython app wrote, concepts same.
Read more

c# - Access objects in UserControl from MainWindow in WPF -

-
i have simple xaml, how can change text property of textblock in usercontrol1 mainwindow ? <window x:class="refactorxaml.mainwindow" xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:refactorxaml="clr-namespace:refactorxaml" title="mainwindow" height="350" width="525"> <grid> <grid.rowdefinitions> <rowdefinition height="100"></rowdefinition> <rowdefinition height="100"></rowdefinition> </grid.rowdefinitions> <grid> <refactorxaml:usercontrol1></refactorxaml:usercontrol1> </grid> <grid grid.row="1"> <button>change text</button> </grid> </grid> </window> <usercon...
Read more

javascript - How to name a jQuery function to make a browser's back button work? -

-
i'm trying write function ajaxyfy web site, works perfect, except function button. that's have now: function loading() { if (typeof history.pushstate !== "undefined") { var historycount = 0; $('.menu-item, .logo').on('click','a',function(e){ e.preventdefault(); $(this).data('clicked', true); if ($(this).is('.logo a')) { var homepage = $(this).attr('href'); function1(homepage); history.pushstate(null, null, homepage); } else if ($(this).is('.projects a')) { var projects = $(this).attr('href'); function2(projects); history.pushstate(null, null, projects); } else { var pages = $(this).attr('href'); function3(pages); history.pushstate(null, null, pages); ...
Read more