页面http://daeken.pastebin.ca/raw/843310包含所有汇编代码及其说明。但我真的不明白,例如0xa1 : ['MOV', 'rAX,Ov'],...,看看它的描述,我无法弄清楚它的含义。
以下是大量这样的例子:
Ob - Ov - rAX - Yb - Xb - etc...
有人能解释那些奇怪的符号是什么意思吗?
答案 0 :(得分:1)
例如:
0xa1 : ['MOV', 'rAX,Ov']
根据Intel® 64 and IA-32 Architectures Developer's Manual: Combined Volumes表A-2。单字节操作码映射:(00H - F7H)0xa1为mov rAX, Ov。
然后表A.2.1寻址方法代码解释了寻址中使用的缩写:
O The instruction has no ModR/M byte. The offset of the operand is coded as
a word or double word (depending on address size attribute) in the instruction.
No base register, index register, or scaling factor can be applied (for example,
MOV (A0–A3)).
表A.2.2操作数类型的代码解释了操作数类型:
v Word, doubleword or quadword (in 64-bit mode), depending on operand-size
attribute.
低于A.2.3注册码,它说:
A register identifier of the form eXX or rXX is used when register width depends
on the operand-size attribute. eXX is used when 16 or 32-bit sizes are possible;
rXX is used when 16, 32, or 64-bit sizes are possible. For example: eAX indicates
that the AX register is used when the operand-size attribute is 16 and the EAX
register is used when the operand-size attribute is 32. rAX can indicate AX, EAX
or RAX.
以下是0xa1操作码的一些示例指令编码(用udcli -x确认):
a10102 mov ax, [0x201] ; in x86 16-bit code
a101020304 mov eax, [0x4030201] ; in x86 32-bit code
a10102030405060708 mov eax, [0x807060504030201] ; in x86-64
66a101020304 mov ax, [0x4030201] ; with 0x66, in x86 32-bit code
66a10102030405060708 mov ax, [0x807060504030201] ; with 0x66, in x86-64
48a10102030405060708 mov rax, [0x807060504030201] ; with 0x48 REX.W, in x86-64
答案 1 :(得分:0)