Intel® ISA Extensions
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.
Announcements
The Intel sign-in experience has changed to support enhanced security controls. If you sign in, click here for more information.
1076 Discussions

give me a hint,

jvava
Beginner
‎02-26-2009 03:08 AM
235 Views
i read the Manual over and over, but still have not understood the 3.1.1.2 INSTRUCTION COLUMN,

1.
among much type of oprand (rel8, rel16, rel32, ptr16:16, ptr16:32, r8, r16, r32, imm8, imm16, imm32, r/m8, r/m16, r/m32,m,m8,m16,m32,m64,m128,m16:16,m16:32,m16&32,m16&16,m32&32,moffs8,moffs16,moffs32,sreg,m32fp,m64fp,
m80fp,m16int,m32int,m64int,st,st(0),st(i),mm,mm/m32,mm/m64,xmm,xmm/m32,xmm/m64,xmm/m128), Which is from modR/M byte(i dare guess r/m8,r/m16,r/m32, r8, r16, r32 do, and some r8 is from +rb)? and which is from ib(i dare guess imm8 do)....

rel8 is from modR/M or a byte following the opcode byte?
ptr16:16 is from modR/M or a word following the opcode word?
m,m8,m16,m128 is from modR/M or address immediate following the opcode word?
m16:16 is from modR/M or address immediate following the opcode doubleword?
m16&16 is from modR/M or address immediate following the opcode doubleword?
moffs8 is from modR/M or address immediate following the opcode doubleword?
....


2.
if modR/M byte is 10 000 100, that can been decoded as [-][-] + disp32, further,
if sib byte is 00 000 101, that can been decoded as [EAX] + disp32 + [EBP],

so the result is [EAX] + disp32 + [EBP] + disp32, that means 8 byte is following the sib byte, but the manual says maxiumn of displacement is 4 bytes. so what i decoded is not right. then how to decode this case.

for long time i cant understand these problem, please help me, THANKS.

0 Kudos

Link Copied

4 Replies
jimdempseyatthecove
Black Belt
‎03-02-2009 03:44 PM
235 Views

Google search for:

"opcode map" format:.pdf site:intel.com

In the returned list you should find a programmer's reference manual.
Using the ledgend for the op code map (once you understand which 4-bit nibble is which) you will understand better on how the instruction bytes are ordered. In general terms the instruction sequence is:

(optional 0 or more prefix bytes e.g. address override, data override, LOCK, REP, segment,REX, ...)
1 or 2 op code bytes (required)
(optional Mod R/M depending on 1 or 2 byte op code)
(optional SIB depending on Mod R/M byte)
(optional disp nn depending on 1 or 2 byte op code) or (optional disp nn depending on Mod R/M)
(optional imm nn depending on 1 or 2 byte op code)

When a component of the instruction is present, it occupies the position listed above.
You cannot have a SIB without Mod R/M

Jim


0 Kudos
Copy link
jimdempseyatthecove
Black Belt
‎03-02-2009 04:20 PM
235 Views
2.
modR/M of 10 000 100 is [--][--] is Reg operand of EAX with SIB byte follows but there is noothercomponent of theeffective addressin the Mod R/M
SIB of 00 000 101 is scale index register is EAX (no scaling) baseisdsp32[EBP] so effective address is disp32[EBP + EAX]

mov dword ptrdisp32[EBP + EAX],EAX

would fit the addressing mode

There is only one disp32

When you have something like aMOV m32,imm32 you could have

MOV disp32[eax +edx*4],imm32

In which case you would havea displacement followed by an immediate

Jim Dempsey
0 Kudos
Copy link
jvava
Beginner
‎03-02-2009 07:49 PM
235 Views
thanks a lot.
0 Kudos
Copy link
SHIH_K_Intel
Employee
‎03-02-2009 08:16 PM
235 Views
Quoting - jvava
i read the Manual over and over, but still have not understood the 3.1.1.2 INSTRUCTION COLUMN,

1.
among much type of oprand (rel8, rel16, rel32, ptr16:16, ptr16:32, r8, r16, r32, imm8, imm16, imm32, r/m8, r/m16, r/m32,m,m8,m16,m32,m64,m128,m16:16,m16:32,m16&32,m16&16,m32&32,moffs8,moffs16,moffs32,sreg,m32fp,m64fp,
m80fp,m16int,m32int,m64int,st,st(0),st(i),mm,mm/m32,mm/m64,xmm,xmm/m32,xmm/m64,xmm/m128), Which is from modR/M byte(i dare guess r/m8,r/m16,r/m32, r8, r16, r32 do, and some r8 is from +rb)? and which is from ib(i dare guess imm8 do)....

rel8 is from modR/M or a byte following the opcode byte?
ptr16:16 is from modR/M or a word following the opcode word?
m,m8,m16,m128 is from modR/M or address immediate following the opcode word?
m16:16 is from modR/M or address immediate following the opcode doubleword?
m16&16 is from modR/M or address immediate following the opcode doubleword?
moffs8 is from modR/M or address immediate following the opcode doubleword?
....


2.
if modR/M byte is 10 000 100, that can been decoded as [-][-] + disp32, further,
if sib byte is 00 000 101, that can been decoded as [EAX] + disp32 + [EBP],

so the result is [EAX] + disp32 + [EBP] + disp32, that means 8 byte is following the sib byte, but the manual says maxiumn of displacement is 4 bytes. so what i decoded is not right. then how to decode this case.

for long time i cant understand these problem, please help me, THANKS.


Jvava

When you read section 3.1.1.2 to understand the notation of the instruction column, you need to read section 3.1.1.1 first, which describes the opcode column and the various notations for the opcode column. Section 3.1.1.1will tell you whether there is an ModR/M byte following the opcode byte.
For example, /digit, /r, ib, iw, id, io need the ModR/M byte. When you see FF /3 for far call with the m16:32 notation in the instruction column, the 3-bit r/m field of the modR/M byte encodes an offset address, but this offset address in not the target of the far call, the offset address points to six bytes (16 + 32 bits)of memory which is interpreted as a linear address consisting of a 16-bit selector and a 32-bit offset address. The target address of the far call is this linear address represented by six consecutive bytes in memory.
0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.