Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

x86_64 - opcode map. Possible mistake?

Tags:

x86-64

opcode

I am working on the intel opcode map for x86_64, vol2, section B.2.1

I have an issue with the pop instruction.

POP – Pop a Value from the Stack

wordregister
0101 0101 : 0100 000B : 1000 1111 : 11 000 reg16

qwordregister
0100 W00BS : 1000 1111 : 11 000 reg64

wordregister (alternate encoding)
0101 0101 : 0100 000B : 0101 1 reg16

qwordregister (alternate encoding)
0100 W00B : 0101 1 reg64

memory64
0100 W0XBS : 1000 1111 : mod 000 r/m

memory16
0101 0101 : 0100 00XB 1000 1111 : mod 000 r/m

The prefix 0101 0101 apparently used with wordregisters is really annoying me here, because I cannot find any use for it.

Even after submiting the command to objcopy or other disassembler, I never see it appearing.

0:  66 59                   pop    cx
2:  59                      pop    rcx

I can understand the 1000 1111 : 11 000 reg16 and 0100 000B : 0101 1 reg16 parts though.

So, what about that 0x55?

like image 827
Amy Lindsen Avatar asked Dec 17 '15 12:12

Amy Lindsen

People also ask

What's the maximum instruction length on x86?

The x86 instruction set (16, 32 or 64 bit, all variants/modes) guarantees / requires that instructions are at most 15 bytes. Anything beyond that will give an "invalid opcode". You can't achieve that without using redundant prefixes (e.g. multiple 0x66 or 0x67 prefixes, for example).

How many x86_64 instructions are there?

states that the current x86-64 design “contains 981 unique mnemonics and a total of 3,684 instruction variants” [2]. However they do not specify which features are included in their count.

Do all x86 instructions have the same length?

x86 instructions can be anywhere between 1 and 15 bytes long. The length is defined separately for each instruction, depending on the available modes of operation of the instruction, the number of required operands and more.

What is x86 opcode?

The x86 opcode bytes are 8-bit equivalents of iii field that we discussed in simplified encoding. This provides for up to 512 different instruction classes, although the x86 does not yet use them all.

1 Answers

If you set the CPU to x86_64, a disassembler gives you

55    push rbp

And a click on 55 in this reference points to push as well.

The pop instructions have the bit 3 (4th) to 1, the push have it at 0, like in 0x55.

There is definitely a mistake in the documentation, as the CPU instructions coding logic and other elements available on the Net clearly show 0x55 as being a push operation.

like image 55
Déjà vu Avatar answered Nov 22 '22 10:11

Déjà vu
Sign in to Comment

Related questions

How to check programmatically whether a managed assembly is x86, x64 or AnyCPU?
GCC doesn't make use of inc
Why do we need stack allocation when we have a red zone?
What do the assembly instructions 'seta' and 'setb' do after repz cmpsb?
Why does unaligned access to mmap'ed memory sometimes segfault on AMD64?
Hard to debug SEGV due to skipped cmov from out-of-bounds memory
Acceptability of regular usage of r10 and r11
Python ctypes and function calls
Detecting architecture at compile time from MASM/MASM64
Multiple threads and memory
How to install python2.6-devel package under CentOs 5
Why can I access lower dword/word/byte in a register but not higher?
How is the x64 architecture different from x86
How to check if a register is zero in x86_64 assembly [duplicate]
Is it possible to execute 32-bit code in 64-bit process by doing mode-switching?
Implementing thread-local storage in custom libc

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!