I am writing a disassembler, and while looking at the instruction formats (and doing some sorting by hand), I came across an instruction that I am unable to decode.
The output for this particular command (from objdump):
c6 05 14 a0 04 08 01 movb $0x1,0x804a014
However, I do not understand how the instruction is decoded, since the opcode c6 should be MOV Eb, Ib (ModR/M to imm8).
Can anyone tell me how it is decoded?
Thanks!
This is partly a repeat of Alex Frunze's answer, but that one is a little brief, so I will give a few more explanations here:

Let's take the instruction byte by byte.

The instruction, as objdump shows it, stores the 1-byte value 1 at the address 0x804a014. The equivalent in C:

    *(unsigned char *)0x804a014 = 1;

The first byte, c6, is the opcode. Look it up in the opcode tables of Volume 2A of the Intel manual: it is MOV r/m8, imm8.

After c6 comes the ModR/M byte, 05. Table 2-2 in Volume 2A, "32-Bit Addressing Forms with the ModR/M Byte", lists 05 in the row "ModR/M Byte (in Hexadecimal)", and the effective-address entry for that column is "disp32". The note under the table says: disp32 denotes a 32-bit displacement that follows the ModR/M byte. So the next four bytes, 14 a0 04 08, are the displacement.

Then comes the 8-bit immediate, 01, the value being stored.

In summary:

c6 - opcode (a ModR/M byte follows, with a /digit in the reg field)
05 - ModR/M byte (mod = 00b, r/m = 101b, /digit (reg) = 0, which selects MOV)
14 a0 04 08 - disp32
01 - imm8
And this is a mov from Ib to Eb. You are probably confusing the AT&T syntax in which objdump shows the disassembly with the Intel/AMD documentation. The order of the operands in AT&T syntax is the reverse of the order in the x86 processor manuals.
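As an added example (not from the question or either answer), here is a small C decoder for exactly this opcode family, C6 /0 ib (MOV r/m8, imm8), in 32-bit mode. It splits the ModR/M byte into mod/reg/r/m, picks the displacement size from those fields (mod=00, r/m=101 is the disp32-with-no-base-register case from the answer above), reads the disp32 little-endian (14 a0 04 08 becomes 0x0804a014), takes the trailing imm8, and renders the result in both AT&T syntax (source first, as objdump prints it) and Intel syntax (destination first). It goes a little beyond the question by also handling the mod=01/10 base-plus-displacement forms and the mod=11 register form; r/m=100b (a SIB byte would follow) is rejected rather than decoded. The names decode_mov_rm8_imm8 and mov_rm8_imm8 are my own, not anything from objdump or the Intel manual.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not code from the original post. Register names for 32-bit
 * mode; the destination is a byte, so the register form of r/m (mod = 11b)
 * uses the 8-bit names. */
static const char *reg32[8] = {"eax","ecx","edx","ebx","esp","ebp","esi","edi"};
static const char *reg8[8]  = {"al","cl","dl","bl","ah","ch","dh","bh"};

typedef struct {
    int      len;        /* bytes consumed; 0 = not C6 /0, SIB form, or truncated */
    uint8_t  mod, reg, rm;
    int      disp_size;  /* 0, 8 or 32 */
    int32_t  disp;
    uint8_t  imm8;
    char     att[64];    /* AT&T text as objdump prints it */
    char     intel[64];  /* Intel-syntax text (objdump -M intel style) */
} mov_rm8_imm8;

static int32_t le32(const uint8_t *p)
{
    return (int32_t)((uint32_t)p[0] | (uint32_t)p[1] << 8 |
                     (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24);
}

/* Decode one C6 /0 ib instruction (MOV r/m8, imm8) in 32-bit mode.
 * Returns the instruction length, or 0 when the bytes are not that
 * instruction, would need a SIB byte (r/m = 100b, not handled here), or
 * are truncated. */
int decode_mov_rm8_imm8(const uint8_t *code, size_t n, mov_rm8_imm8 *d)
{
    size_t i = 0;
    char rm_att[40], rm_intel[40];

    memset(d, 0, sizeof *d);
    if (n < 2 || code[i++] != 0xC6) return 0;        /* opcode byte */

    uint8_t modrm = code[i++];                        /* mod(2) reg(3) r/m(3) */
    d->mod = modrm >> 6;
    d->reg = (modrm >> 3) & 7;
    d->rm  = modrm & 7;
    if (d->reg != 0) return 0;                        /* only /0 is MOV for C6 */
    if (d->mod != 3 && d->rm == 4) return 0;          /* SIB byte would follow */

    /* Displacement size from the 32-bit ModR/M table: mod=00, r/m=101 is the
     * special "disp32, no base register" row; mod=01 adds disp8, mod=10 disp32. */
    if (d->mod == 0 && d->rm == 5) d->disp_size = 32;
    else if (d->mod == 1)          d->disp_size = 8;
    else if (d->mod == 2)          d->disp_size = 32;

    if (d->disp_size == 8) {
        if (i + 1 > n) return 0;
        d->disp = (int8_t)code[i]; i += 1;            /* sign-extended */
    } else if (d->disp_size == 32) {
        if (i + 4 > n) return 0;
        d->disp = le32(code + i); i += 4;             /* little-endian */
    }

    if (i >= n) return 0;                             /* imm8 is the last byte */
    d->imm8 = code[i++];
    d->len = (int)i;

    /* Render the r/m operand in both syntaxes. */
    if (d->mod == 3) {
        snprintf(rm_att, sizeof rm_att, "%%%s", reg8[d->rm]);
        snprintf(rm_intel, sizeof rm_intel, "%s", reg8[d->rm]);
    } else if (d->mod == 0 && d->rm == 5) {           /* absolute address */
        snprintf(rm_att, sizeof rm_att, "0x%x", (uint32_t)d->disp);
        snprintf(rm_intel, sizeof rm_intel, "BYTE PTR ds:0x%x", (uint32_t)d->disp);
    } else {
        const char *base = reg32[d->rm];
        if (d->disp_size == 0) {
            snprintf(rm_att, sizeof rm_att, "(%%%s)", base);
            snprintf(rm_intel, sizeof rm_intel, "BYTE PTR [%s]", base);
        } else {
            int neg = d->disp < 0;
            uint32_t mag = neg ? 0u - (uint32_t)d->disp : (uint32_t)d->disp;
            snprintf(rm_att, sizeof rm_att, "%s0x%x(%%%s)", neg ? "-" : "", mag, base);
            snprintf(rm_intel, sizeof rm_intel, "BYTE PTR [%s%c0x%x]", base, neg ? '-' : '+', mag);
        }
    }

    /* AT&T puts the source first, Intel puts the destination first. */
    snprintf(d->att, sizeof d->att, "movb $0x%x,%s", d->imm8, rm_att);
    snprintf(d->intel, sizeof d->intel, "mov %s,0x%x", rm_intel, d->imm8);
    return d->len;
}

int main(void)
{
    /* The seven bytes from the question. */
    const uint8_t q[] = {0xc6, 0x05, 0x14, 0xa0, 0x04, 0x08, 0x01};
    mov_rm8_imm8 d;
    if (decode_mov_rm8_imm8(q, sizeof q, &d))
        printf("%-24s ; %s  (disp32=0x%08x imm8=0x%02x)\n",
               d.att, d.intel, (uint32_t)d.disp, d.imm8);
    return 0;
}
```

The length check before each displacement read is the part a real disassembler must not skip: the ModR/M fields decide how many bytes follow, so a buffer that ends inside the disp32 has to be reported as truncated rather than read past.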