X86 Instruction format: "ba 0e 00 00 00" ... "mov $0xe,%edx"

I get the following line in a disassembly from objdump -d of a Linux x86 program ...

4000b0: ba 0e 00 00 00          mov $0xe,%edx

I am trying to understand how the machine code "ba 0e 00 00 00" is displayed as "mov $0xe,%edx"

In the manual, the move of a 32-bit immediate is:

B8 + rd  ... MOV r32, imm32

i.e. "B8", not "BA"

In fact, none of the MOV operation codes is “BA”.

If someone could break down “ba 0e 00 00 00” and explain in a bit how to get to “mov $0xe,%edx”, that would be very helpful.

+5
1 answer

0xba - "MOV EDX, imm32". IA, , , 0xba.

IA :

 B8+ rd MOV r32, imm32 OI Valid Valid Move imm32 to r32.

0xb8 r32 .

r32 2-2 2A.

 EAX 000 = 0
 ECX 001 = 1
 EDX 010 = 2
 EBX 011 = 3
 ESP 100 = 4
 EBP 101 = 5
 ESI 110 = 6
 EDI 111 = 7

A 2C Intel . 1, 2 3 . , 0xBA, , MOV rDX, "r" .

+12
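The decoding described in the answer, as an added example that is not part of the original question or answer: the low three bits of the opcode byte select the register from the table above, and the next four bytes are the little-endian imm32. The function names are hypothetical, and the code assumes 32-bit operand size with no prefix bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Register numbers 0..7, in the order of the table in the answer. */
static const char *const REG32[8] = {
    "eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"
};

/*
 * Decode one "B8+rd  MOV r32, imm32" instruction (hypothetical helper).
 * Returns the instruction length (5) on success, or 0 when the buffer is
 * too short or the first byte is not in the range 0xB8..0xBF.
 */
size_t decode_mov_r32_imm32(const uint8_t *code, size_t len,
                            unsigned *reg, uint32_t *imm)
{
    if (len < 5 || (code[0] & 0xF8) != 0xB8)
        return 0;
    *reg = code[0] & 0x07;            /* rd: opcode byte minus 0xB8 */
    *imm = (uint32_t)code[1]          /* imm32 is stored little-endian */
         | (uint32_t)code[2] << 8
         | (uint32_t)code[3] << 16
         | (uint32_t)code[4] << 24;
    return 5;
}

/* Render the instruction in the AT&T syntax that objdump prints. */
int format_att(const uint8_t *code, size_t len, char *out, size_t outlen)
{
    unsigned reg;
    uint32_t imm;
    if (decode_mov_r32_imm32(code, len, &reg, &imm) == 0)
        return -1;
    snprintf(out, outlen, "mov $0x%x,%%%s", (unsigned)imm, REG32[reg]);
    return 0;
}

int main(void)
{
    /* The five bytes from the question's objdump line. */
    const uint8_t bytes[] = { 0xba, 0x0e, 0x00, 0x00, 0x00 };
    char text[32];
    if (format_att(bytes, sizeof bytes, text, sizeof text) == 0)
        printf("%s\n", text);
    return 0;
}
```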
