I'm currently trying to write a disassembler. I found the following list of opcodes and their meanings, so I decided to parse it at runtime: http://web.archive.org/web/20150810224114/http://mprolab.teipir.gr/vivlio80X86/pentium.txt
But I am stuck at the opcode 0x00: It is followed by a reg/mod byte. Parsing it was not much of a problem for me.
But I'm having trouble with the Scale-Index-Base byte:
If you actually specify esp as index register, it actually means that there is no index register.
The same applies for the base register with ebp. But I've tried it with C++ inline assembler: It is possible to compile:
add [ebp*2+ebp],cl
So how can ebp be used as base register when using ebp as base register actually means using no base register at all!?
(Instructions with no explicit operands don't have a ModR/M byte, just the opcode byte(s)). x86 opcodes are 1 byte for most common instructions, especially instructions which have existed since 8086. Instructions added later (e.g. like bsf and movsx in 386) often use 2-byte opcodes with a 0f escape byte.
Scaled indexed addressing mode uses the second byte (namely, SIB byte) that follows the MOD-REG-R/M byte in the instruction format. The MOD field still specifies the displacement size of zero, one, or four bytes.
General Overview. An x86-64 instruction may be at most 15 bytes in length. It consists of the following components in the given order, where the prefixes are at the least-significant (lowest) address in memory: Legacy prefixes (1-4 bytes, optional)
Encoding x86 Instruction Operands, MOD-REG-R/M Byte The d bit in the opcode determines which operand is the source, and which is the destination: d=0: MOD R/M <- REG, REG is the source. d=1: REG <- MOD R/M, REG is the destination.
The "missing EBP" case applies only when the ModR/M.Mod field has the value 00 binary. If you need EBP as a base, the assembler changes the Mod to 01 binary and adds an 8-bit displacement with the value zero:
004C6D00 add [ebp+ebp*2], cl