Intel Instruction Interpretation


1 - About

This section is based on Section 3.1, Interpreting the Instruction Reference Pages, of the Intel documentation and uses the jmp mnemonic as its example.

Definition: The jmp mnemonic transfers program control to a different point in the instruction stream without recording return information.


3 - Intel 64 and IA-32 syntax

From Intel 64 and IA-32 Architectures (see also Appendix B, Instruction Formats and Encodings), an instruction is laid out as: Instruction Prefixes (optional), Opcode, ModR/M, SIB, Displacement, Immediate

where:

  • Instruction Prefixes (optional). One or more bytes placed in front of the instruction to which the prefix applies. Some instructions with 2- or 3-byte opcodes include a prefix as part of their encoding by default. The operand-size override prefix allows a program to switch between 16- and 32-bit operand sizes. Either size can be the default; use of the prefix selects the non-default size.
  • Opcode. A unique number that identifies an instruction; each opcode has a mnemonic name. An opcode can be 1, 2 or 3 bytes long and, when needed, includes an additional 3-bit field in the reg field of the ModR/M byte (written as /digit in the opcode column, e.g. FF /4).
  • ModR/M. The addressing-form specifier byte, present for instructions that refer to an operand in memory.

4 - Instruction table definition

The jmp mnemonic definition can be found in Section 3.2, JMP, page 1065, which shows a table where:

  • each row lists a variant of the jmp instruction.
  • the first column gives the instruction's object code in hexadecimal and is called the opcode column.
  • the second column gives the instruction in Intel assembly syntax and is called the instruction column.

The transfer is one-way; that is, a return address is not saved. See also 7.3.8.1 - Unconditional Transfer Instructions


4.1 - Opcode column

The first column is called the opcode column. Example: EB cb. It shows the object code produced and has the following format:

  • opcode + extra entries (see Section 3.1.1.1 for the definition of the extra entries; in EB cb, EB is the opcode byte and cb denotes a 1-byte signed code offset that follows it)

4.2 - Instruction column

The second column is the Instruction column and gives the syntax of the instruction statement as it would appear in an ASM386 program.

Example: jmp rel8.

It has the following format:

mnemonic operand

where operand is an operand symbol such as rel8 (see Section 3.1.1.3 for the definition of the operand symbols).


4.3 - Operand encoding column

Instructions with an operand in memory have an addressing-form specifier byte called the ModR/M byte.

In the encoding definition table:

  • (r) denotes that the content of the operand will be read by the processor.
  • (w) denotes that the content of the operand will be updated (written) by the processor.

5 - Management

5.1 - List

For Intel CPUs, the description of each instruction class can be found in the Instruction Set Reference (Volume 2) of the Intel® 64 and IA-32 Architectures Software Developer’s Manual, Combined Volumes: 1, 2A, 2B, 2C, 2D, 3A, 3B, 3C, 3D and 4.

6 - Example

The jmp instruction with opcode FF /4 jumps to a near, absolute address stored in a general-purpose register or a memory location; in short, as written in the description, it is an absolute indirect jump.

; [0x1234] is a memory operand addressed by a 16-bit displacement (disp16),
; so this assembles to the FF /4 form, jmp r/m16 (near absolute indirect)
jmp [0x1234]

assembles, in NASM's default 16-bit mode, to the following machine code:

ff 26 34 12

where:

  • 0xff is the opcode byte of jmp r/m16 (FF /4).
  • 0x26 is the ModR/M byte: in binary 00 100 110, i.e. mod=00, reg=100 (the /4 extension that selects jmp) and r/m=110, which in 16-bit addressing with mod=00 means a direct address given by a 16-bit displacement (disp16) with no base register.
  • 0x34 and 0x12 are the 16-bit displacement 0x1234 stored in little-endian byte order (low byte first).

The ModR/M byte comes from the 16-bit ModR/M table of the manual (Volume 2, Table 2-1, 16-Bit Addressing Forms with the ModR/M Byte).
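The following is an added example, not code from the original page or from the Intel manual. It encodes and decodes the two jmp forms discussed on this page (the EB cb / jmp rel8 form of Section 4 and the FF /4 / jmp r/m16 form of this section) in 16-bit mode, reproducing the ff 26 34 12 encoding above and showing how the three ModR/M fields select the addressing form. The function names, the register tables and the sample byte strings are constructed for the example; the field layouts follow the manual as described above. Decoding FF /4 correctly is exactly what a disassembler or a control-flow analysis tool must do to find indirect jumps, whose targets are not visible in the code bytes.

```python
# Added example, not from the original page or the Intel manual: a small
# encoder/decoder for the jmp forms discussed on this page, in 16-bit mode.
#   EB cb  -> jmp rel8   (short relative jump; cb = 1-byte signed displacement)
#   FF /4  -> jmp r/m16  (near absolute indirect; /4 = value 100b in the reg field)
# The ModR/M byte is laid out as mod(2 bits) | reg(3 bits) | r/m(3 bits).

# 16-bit addressing forms selected by r/m when mod != 11 (Intel SDM Vol. 2, Table 2-1).
# r/m = 110 with mod = 00 is the special case: disp16 only, no base register.
RM16_BASE = ["bx+si", "bx+di", "bp+si", "bp+di", "si", "di", "bp", "bx"]
# 16-bit general-purpose registers selected by r/m when mod == 11.
REG16 = ["ax", "cx", "dx", "bx", "sp", "bp", "si", "di"]

JMP_REL8_OPCODE = 0xEB    # EB cb
JMP_RM16_OPCODE = 0xFF    # FF is shared by several instructions; the reg field picks one
JMP_RM16_REG_EXT = 4      # the "/4" in "FF /4"

def modrm(mod, reg, rm):
    """Pack the three ModR/M fields into one byte."""
    return (mod << 6) | (reg << 3) | rm

def split_modrm(byte):
    """Unpack a ModR/M byte into (mod, reg, r/m)."""
    return byte >> 6, (byte >> 3) & 7, byte & 7

def encode_jmp_rel8(addr, target):
    """jmp rel8 (EB cb). The displacement is relative to the end of this 2-byte instruction."""
    rel = target - (addr + 2)
    if not -128 <= rel <= 127:
        raise ValueError("target not reachable with a rel8 displacement")
    return bytes([JMP_REL8_OPCODE, rel & 0xFF])

def encode_jmp_disp16(disp16):
    """jmp [disp16] (FF /4): mod=00, reg=100, r/m=110, then the displacement little-endian."""
    if not 0 <= disp16 <= 0xFFFF:
        raise ValueError("disp16 must fit in 16 bits")
    return bytes([JMP_RM16_OPCODE, modrm(0b00, JMP_RM16_REG_EXT, 0b110)]) + disp16.to_bytes(2, "little")

def encode_jmp_reg16(reg):
    """jmp r16 (FF /4 with mod=11): the r/m field names the register holding the target."""
    return bytes([JMP_RM16_OPCODE, modrm(0b11, JMP_RM16_REG_EXT, REG16.index(reg))])

def decode_jmp(code, addr=0):
    """Decode one jmp at the start of `code` (16-bit mode); return (length, assembly text)."""
    op = code[0]
    if op == JMP_REL8_OPCODE:
        rel = int.from_bytes(code[1:2], "little", signed=True)
        return 2, f"jmp short 0x{(addr + 2 + rel) & 0xFFFF:04x}"
    if op != JMP_RM16_OPCODE:
        raise ValueError(f"opcode {op:#04x} is not a jmp form handled here")
    mod, reg, rm = split_modrm(code[1])
    if reg != JMP_RM16_REG_EXT:
        raise ValueError(f"FF /{reg} is not jmp r/m16")
    if mod == 0b11:                        # register operand
        return 2, f"jmp {REG16[rm]}"
    if mod == 0b00 and rm == 0b110:        # direct address: disp16, no base register
        return 4, f"jmp [0x{int.from_bytes(code[2:4], 'little'):04x}]"
    if mod == 0b00:                        # [base], no displacement
        return 2, f"jmp [{RM16_BASE[rm]}]"
    if mod == 0b01:                        # [base + disp8]
        disp = int.from_bytes(code[2:3], "little", signed=True)
        return 3, f"jmp [{RM16_BASE[rm]}{disp:+#x}]"
    disp = int.from_bytes(code[2:4], "little", signed=True)   # mod == 10: [base + disp16]
    return 4, f"jmp [{RM16_BASE[rm]}{disp:+#x}]"

if __name__ == "__main__":
    code = encode_jmp_disp16(0x1234)
    print(code.hex(" "), "->", decode_jmp(code)[1])   # ff 26 34 12 -> jmp [0x1234]
```

The decoder only handles the jmp forms this page discusses: a byte sequence starting with FF whose reg field is not 100b is rejected rather than guessed, because the same FF opcode byte encodes other instructions (the /digit extension, not the opcode byte alone, identifies jmp).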

lang/assembly/intel/instruction.txt · Last modified: 2019/01/07 09:29 by gerardnico