; opcode c7 is Ev, Iz. c6 is Eb, Ib
; Eb: ModR/M to follow, byte
; consider 1100 011w : 11 000 reg : imm
; also consider 1011 w reg : imm for bytes
32-bit target, 8-bit source
; mov r32, imm32 in the short form B8+rd: the register number sits in the low
; three bits of the opcode byte, so no ModR/M byte is emitted.
; NOTE(review): the section heading says "8-bit source", but `dd source` emits
; a 4-byte immediate - confirm which width is intended.
; NOTE(review): the closing `end match` is not visible in this excerpt.
match =eax?, target
db 0xB8 ; B8 + 0 (eax)
dd source ; imm32
else match =edi?, target
db 0xBF ; B8 + 7 (edi)
dd source ; imm32
64-bit target, 32-bit source
; mov rax, imm32 encoded as REX.W + C7 /0 id (7 bytes).
match =rax?, target ; mov rax, 0x1234
db 0x48, 0xC7, 0xC0
dd source ; 4-byte immediate; with REX.W the CPU sign-extends it to 64 bits
; NOTE(review): nothing visible here checks that source fits a signed 32-bit
; value; 0x80000000, for example, would load as 0xFFFFFFFF80000000. Confirm
; that such values are rejected or routed to the 64-bit-immediate form.
; 48  REX.W prefix
;     (the opcode map lists 0x48 as DEC eAX; that is its meaning outside
;      64-bit mode, ignore it here)
;     eAX   -> register identifier in the map entry,
;              width depends on operand size
;     REX.W -> selects 64-bit operand size
; c7  Grp 11^1A - MOV Ev, Iz
;     immediate to register or memory operand
;     1A -> bits 5,4,3 of ModR/M are an opcode extension
;     E  -> ModR/M byte follows and selects the operand
;     v  -> operand-size dependent width (64-bit here because of REX.W)
;     I  -> immediate data
;     z  -> 32-bit immediate for 32- and 64-bit operand sizes
; c0  ModR/M byte
;     0b11000000
;     11  mod: register-direct operand
;     000 reg: opcode extension /0 = MOV Ev, Iz
;     000 r/m: register number 0 = rax (REX.B is clear)
; mov rdi, imm32 encoded as REX.W + C7 /0 id (7 bytes).
match =rdi, target ; mov rdi, 0x1234
db 0x48, 0xC7, 0xC7
dd source ; 4-byte immediate; with REX.W the CPU sign-extends it to 64 bits
; NOTE(review): nothing visible here checks that source fits a signed 32-bit
; value; confirm out-of-range values are rejected or use the imm64 form.
; Reference disassembly of the same encoding with source = 0x2a:
; 7: 48 c7 c7 2a 00 00 00 mov $0x2a,%rdi
; 48  REX.W prefix
;     (the opcode map lists 0x48 as DEC eAX; that is its meaning outside
;      64-bit mode, ignore it here)
; c7  Grp 11^1A - MOV Ev, Iz
;     immediate to register or memory operand
;     1A -> bits 5,4,3 of ModR/M are an opcode extension
;     Ev -> ModR/M byte follows; operand is 64-bit here because of REX.W
;     Iz -> immediate data, 32 bits
; c7  ModR/M byte (same value as the opcode byte by coincidence)
;     0b11000111
;     11  mod: register-direct operand
;     000 reg: opcode extension /0 = MOV Ev, Iz
;     111 r/m: register number 7 = rdi (REX.B is clear)
64-bit target, 64-bit source
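; mov r64, imm64 encoded as REX.W + B8+rd io (10 bytes).
; The register number is added to the opcode byte itself; this form has no
; ModR/M byte. The earlier bytes `0x48, 0xB8, 0x38` / `0x48, 0xB8, 0x30`
; decoded as a load into rax with the third byte swallowed into the
; immediate, leaving one stray byte in the instruction stream.
; NOTE(review): the 32-bit-source section also matches rdi; confirm that
; something outside this excerpt selects only one of the two forms.
match =rdi, target ; mov rdi, 0x1234
db 0x48, 0xBF ; REX.W, B8 + 7 (rdi)
dq source ; full 8-byte immediate, no sign extension involved
match =rsi, target
db 0x48, 0xBE ; REX.W, B8 + 6 (rsi)
dq source ; full 8-byte immediate, no sign extension involved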
; opcode c7 is Ev, Iz. c6 is Eb, Ib
; Eb: ModR/M to follow, byte
; consider 1100 011w : 11 000 reg : imm
; also consider 1011 w reg : imm for bytes