You can write in PURE machine code manually WITHOUT ASSEMBLY Linux/ELF: https://github.com/XlogicX/m2elf. This is still a work in progress, I just started working on this yesterday. Source file for “Hello World” would look like this: b8 21 0a 00 00 #moving “!\n” into eax a3 0c 10 00 06 #moving eax into first memory location … Read more
There’s no hard and fast rule for x86 without a database as the instruction encoding is pretty complex (and the opcode itself can vary from 1 to 3 bytes). You can consult the Intel® 64 and IA-32 Architectures Software Developer’s Manual 2A document (Chapter 2: Instruction Format) to see how instructions and their operands are … Read more
An x86 instruction stream is not self-synchronizing, and can only be unambiguously decoded forward. You need to know a valid start-point to decode. The last byte of an immediate can be a 0x90 which decodes as a nop, or in general a 4-byte immediate or displacement can have byte-sequences that are valid instructions, or whatever … Read more
The chosen encodings line up very nicely with other encodings, simplifying the hardware at the expense of software that has to generate instructions, software that has to decode instructions, and, programmers learning or working with RISC V ;). The S-Format breaks up the immediate into imm[11:5] and imm[4:0]. The reason this immediate is broken up … Read more
Intel’s vol.2 manual has details on the encoding of operands for each form of each instruction. E.g. taking just the 8-bit operand size versions of the well-known add instruction, which has 2 reg,rm forms ; a rm,immediate form ; and a no-ModRM 2-byte short form for add al, imm8 Opcode Instruction | Op/En | 64-bit … Read more
HALT is just a “pseudo-instruction” for a TRAP instruction used to halt the machine. You could write: TRAP x25 ;HALT the machine But in this way you need to remember the position in the TRAP vector, in this case x25. So is better to just use HALT instead. Others common TRAPs also have pseduo-instructions: IN, … Read more
NOSPLIT: Similarly, NASM will split [eax*2] into [eax+eax] because that allows the offset field to be absent and space to be saved; in fact, it will also split [eax*2+offset] into [eax+eax+offset]. You can combat this behaviour by the use of the NOSPLIT keyword: [nosplit eax*2] will force [eax*2+0] to be generated literally. [nosplit eax*1] also … Read more
The terms are indeed a bit confusing, because they are sometimes used inconsistently. Machine code: This is the most well-defined one. It is code that uses the byte-code instructions which your processor (the physical piece of metal that does the actual work) understands and executes directly. All other code must be translated or transformed into … Read more
If you tell the assembler to assemble arbitrary bytes somewhere, it will. db is a pseudo-instruction that emits bytes, so mov eax, 60 and db 0xb8, 0x3c, 0, 0, 0 are exactly equivalent as far as NASM is concerned. Either one will emit those 5 bytes into the output at the current position. If you … Read more
rep; nop is indeed the same as the pause instruction (opcode F390). It might be used for assemblers which don’t support the pause instruction yet. On previous processors, this simply did nothing, just like nop but in two bytes. On new processors which support hyperthreading, it is used as a hint to the processor that … Read more