Menu
I'm using libdis, the x86 disassembler library from the bastard, and I'm trying to find out which instructions access memory.
With reference to these two instructions:
mov eax, [ebx + 10]
lea eax, [ebx + 10]
In libdis, both are listed with instruction type insn_mov, and the address operands have the same flags in both cases. So the only way I can tell if memory is accessed is to look at the instruction mnemonic.
Hence my question: is LEA the only instruction using a memory operand that doesn't actually access memory? Any links to references would be nice.
896
The lea instruction places the address specified by its first operand into the register specified by its second operand. Note, the contents of the memory location are not loaded, only the effective address is computed and placed into the register.
The LEA (Load Effective Address) instruction is a way of obtaining the address which arises from any of the Intel processor's memory addressing modes. it moves the contents of the designated memory location into the target register.
The lea instruction ("load effective address") takes the memory address of the first value and adds it to the second value - which may be multiplied. It then loads that memory address into a given register.
LEA − Used to load the address of operand into the provided register. LES − Used to load ES register and other provided register from the memory.
The prefetch family of instructions (prefetcht1, prefetcht2, prefetcht3, prefetchnta) ask the processor to go and pull those memory lines into cache because they will be needed soon. But, Intel's documentation makes it clear that no faults can result from a bad address passed to prefetch. This is so that software can pass potentially out-of-bound addresses to prefetch without checking them first, so that the data can be in-flight while those checks are performed.
Prefetches also don't have an 'output', unlike LEA.
52
Intel has a multi-byte "NOP" instruction with opcode 0F 1F /0 that takes memory addressing operands. From Intel's manual:
The multi-byte NOP instruction does not alter the content of a register and will not issue a memory operation
The discussion in comments is about putting the opcode byte of a nop at the end of an unmapped page, and code fetch faulting if it can't read a complete instruction including the ModR/M and displacement bytes. That's orthogonal to this question.
You can think of long-NOP as working as follows:
This makes it possible for software to encode multi-byte NOPs by using a variety of addressing modes and prefixes. The CPU can be designed to handle it without needing any special hardware beyond recognizing one more opcode as a nop. The overall instruction format is the same as most.
44
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
