Is there an x86 opcode for moving an immediate byt

Posted 2019-04-04 00:43

Question:

Is there a way to 'mov'e a specific immediate byte-size number into a direct memory location? I.e.

MOV 10h,ffffh

to write the value 16 into the memory address 65535? If so, which opcode is that, or would I have to store a memory address into a register first?

Answer 1:

Yes. The opcode is C6. You should download a copy of the Intel ISA documents, which are freely available.

To your follow-up question: the full encoding of your example is:

  c6      04      25   ff ff 00 00   10
opcode  modr/m   sib     address     immediate


Answer 2:

Intel Manual Volume 2 Instruction Set Reference - 325383-056US September 2015 Section 3.2 "MOV—Move" has a table which contains:

Opcode            Instruction
----------------  ----------------
C6 /0 ib          MOV r/m8, imm8
C7 /0 iw          MOV r/m16, imm16
C7 /0 id          MOV r/m32, imm32
REX.W + C7 /0 io  MOV r/m64, imm32

Then you must know that:

  • r/m means register or memory location
  • imm means immediate

So those are the encodings you are looking for.

More empirically you could also have just tried it out and decompiled:

mov byte [0x12345678], 0x9A

Then:

as --32 -o a.o a.S
nasm -felf32 -o a.o a.asm

Gives:

00000000 <.text>:
   0:    c6 05 78 56 34 12 9a    movb    $0x9a,0x12345678

So we conclude that c6 is the opcode, with ModR/M 05, and immediates following.
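
The two answers show different ModR/M bytes because the first is a 64-bit encoding (ModR/M 04 plus SIB 25) and the second a 32-bit one (ModR/M 05). The following is an added example, not code from either answer, that rebuilds both encodings and decodes them back; the function names are hypothetical, and it goes slightly beyond the answers by showing that the `c6 05` form is RIP-relative when read as 64-bit code and that a 64-bit absolute address must fit a sign-extended disp32.

```python
import struct

def modrm(mod, reg, rm):
    """Pack the three ModR/M fields into one byte."""
    return (mod << 6) | (reg << 3) | rm

def encode_mov_m8_imm8(addr, imm, mode):
    """Encode C6 /0 ib, MOV byte [addr], imm, for an absolute address."""
    if not 0 <= imm <= 0xFF:
        raise ValueError("imm8 out of range")
    if mode == 32:
        if not 0 <= addr <= 0xFFFFFFFF:
            raise ValueError("address does not fit in disp32")
        # mod=00, reg=/0, rm=101: disp32 with no base register
        body = bytes([modrm(0, 0, 0b101)]) + struct.pack("<I", addr)
    elif mode == 64:
        # disp32 is sign-extended to 64 bits: only the lowest and highest
        # 2 GiB of the address space are reachable without a register
        if addr >= 1 << 63:
            addr -= 1 << 64
        if not -(1 << 31) <= addr < (1 << 31):
            raise ValueError("address not reachable with sign-extended disp32")
        # rm=100 selects a SIB byte; SIB 0x25 = scale 00, index 100 (none),
        # base 101 (disp32 only, no base register)
        body = bytes([modrm(0, 0, 0b100), 0x25]) + struct.pack("<i", addr)
    else:
        raise ValueError("mode must be 32 or 64")
    return b"\xc6" + body + bytes([imm])

def decode_mov_m8_imm8(code, mode):
    """Return (kind, disp32, imm8) for the two addressing forms above."""
    if len(code) < 2 or code[0] != 0xC6 or code[1] >> 3 != 0:
        raise ValueError("not C6 /0 with mod=00")
    rm = code[1] & 7
    if rm == 0b101:
        # Same bytes, different meaning depending on the CPU mode
        kind, off = ("absolute" if mode == 32 else "rip-relative"), 2
    elif rm == 0b100 and len(code) > 2 and code[2] == 0x25:
        kind, off = "absolute", 3
    else:
        raise ValueError("addressing form not handled in this example")
    if len(code) != off + 5:
        raise ValueError("unexpected instruction length")
    (disp,) = struct.unpack_from("<I" if mode == 32 else "<i", code, off)
    return kind, disp, code[off + 4]
```

When reading a hex dump of unknown code, the bitness assumed by the disassembler therefore decides whether `c6 05 ...` is a write to a fixed address or to an offset from the next instruction.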