简体繁体 English

如何将操作码转换为十六进制码

[英]how to convert opcodes to hexcodes

原文 2018-09-08 15:47:15 6 1 assembly/ x86/ machine-code

I am really stumped over here, please help... 我真的很为难，请帮忙...

I have ordered a bunch of books from intel, the software developers manuals, and inside of them they give me all these opcodes like "VEX.128..." or "0F 5B" 我已经从intel订购了一堆书，软件开发人员手册，并且在书中给了我所有这些操作码，例如“ VEX.128 ...”或“ 0F 5B”

and these books say things like "this works with XMM registers" but none of the books talk about how to convert the word XMM into hexadecimal? 这些书说的是“可以与XMM寄存器一起使用”之类的东西，但是没有一本书谈论如何将XMM转换为十六进制？

What I am trying to do is like write hello, world in pure hexadecimal without the use of an assembler! 我想要做的就像是在不使用汇编器的情况下，用纯十六进制形式写问好世界！ please help! 请帮忙！ I hope this made sense I am new to the world of assembly and hexcodes 我希望这对我来说是汇编语言和十六进制代码领域的新手

1 个解决方案

The word XMM is not converted to hexadecimal. 单词XMM不会转换为十六进制。 That an instruction uses XMM registers is a property of the opcode and prefixes. 指令使用XMM寄存器是操作码和前缀的属性。 The index of the register operands are mostly encoded by the ModRM byte, a little in the prefix, for some operations on a GPR a register name is encoded in the opcode byte. 寄存器操作数的索引主要由ModRM字节编码，在前缀中稍微增加一点，对于GPR上的某些操作，寄存器名称被编码在操作码字节中。

Complexities aside, here is a simple VEX-prefixed example, vpaddb xmm1, xmm4, xmm6 . 除了复杂性，这是一个简单的VEX前缀示例， vpaddb xmm1, xmm4, xmm6 。 Its entry in the manual (under the paddb lemma) says to encode it as: VEX.NDS.128.66.0F.WIG FC /r 它在手册中的条目（在paddb引理下）表示将其编码为： VEX.NDS.128.66.0F.WIG FC /r

VEX.NDS.128.66.0F.WIG is for the VEX prefix. VEX.NDS.128.66.0F.WIG用于VEX前缀。 NDS means that the vvvv field encodes the source register. NDS表示vvvv字段对源寄存器进行编码。 128 means not to set the L bit, which makes the registers used the X MM versions, otherwise they would be the Y MM versions (so as you see this distinction is encoded by a single bit in the VEX prefix, not by writing the word "XMM" in hexadecimal exactly) 66 indicates a setting for the pp field that corresponds to a mandatory prefix in the legacy encoding, namely pp = 01. WIG = W-ignored, which doesn't really matter here. 128表示不设置L位，这使寄存器使用X MM版本，否则它们将是Y MM版本（因此，如您所见，此区别是由VEX前缀中的单个位编码的，而不是通过写单词精确地以十六进制表示的“ XMM” 66表示pp字段的设置，该设置对应于旧式编码中的强制性前缀，即pp =01。WIG = W-ignored，在这里并不重要。

Anyway it can be a 2-byte VEX prefix (no fancy opcode map, low register numbers), so start with C5 and then combine the fields ~R|~vvvv|L|pp (where | is concatenation). 无论如何，它可以是2字节的VEX前缀（无花哨的操作码映射，寄存器编号低），因此以C5开头，然后合并字段~R|~vvvv|L|pp （其中|是串联）。 ~vvvv is the complement of vvvv, vvvv = 0100 (xmm 4 ). 〜vvvv是vvvv的补码，vvvv = 0100（xmm 4 ）。 The R field is an extension of the reg field of the ModRM byte, xmm1 has an index lower than 8 so the R field is 0, hence ~R is 1. Combined, that second prefix byte is 1|1011|0|01 = D9 . R字段是ModRM字节的reg字段的扩展， xmm1的索引小于8，因此R字段为0，因此〜R为1。加起来，第二个前缀字节为1|1011|0|01 = D9 。

The opcode byte is FC , nothing funny happens here. 操作码字节是FC ，这里没有发生任何有趣的事情。

/r means to encode the rest of the operands as ModRM (+SIB), so here using mod=11 (two registers, no memory operand), rm = 110 (xmm 6 ), reg = 001 (xmm 1 ) so 11001110 = CE /r表示将其余操作数编码为ModRM（+ SIB），因此这里使用mod = 11（两个寄存器，没有内存操作数），rm = 110（xmm 6 ），reg = 001（xmm 1 ），所以11001110 = CE

So in total vpaddb xmm1,xmm4,xmm6 becomes c5 d9 fc ce . 所以总共vpaddb xmm1,xmm4,xmm6变成c5 d9 fc ce 。

You can find this information (and some details which I skipped) in Appendix B of the ISDM, "Instruction Formats and Encodings". 您可以在ISDM的附录B“指令格式和编码”中找到此信息（以及一些略过的细节）。