
SIB encoding confusion...


Orlando Llanes
Jun 30, 2002, 5:56:35 PM
I understand 16-bit ModR/M encoding and can pretty much do it in my
sleep, I can also handle 32-bit ModR/M encoding, but I'm completely thrown
off by SIB encoding. All I see on the 'Net are charts.

Is there a tutorial out there which goes into great detail about SIB
encoding? Has anybody had an epiphany which suddenly makes sense out of SIB
encoding?


See ya!
Orlando

Gerhard W. Gruber
Jul 1, 2002, 10:56:02 AM
On Sun, 30 Jun 2002 21:56:35 +0000 (UTC) wrote "Orlando Llanes"
<o...@hotmail.com> in comp.lang.asm.x86 with
<MpKT8.1256$FR3.38...@newssvr17.news.prodigy.com>

I have written a disassembler once, but I don't remember all the details right
now. If you can tell me what the exact problem is that you have, I might be
able to help you. I got all my information from the Intel manuals, though.
In the "IA32 Intel Architecture Software developers Manual: Volume 2 -
Instruction Set Reference", Chapter 2 gives a description of ModR/M and SIB.
You can download it from the net (use google) or send me an email.

Hope that helps a bit.

--
Bye,
Gerhard
Entsorgungsbetriebe GmbH. - We dispose of your
valuables FREE OF CHARGE and WITHOUT HASSLE.

Octavio Vega Fernández
Jul 1, 2002, 4:11:03 PM

Orlando Llanes wrote in message ...

SIB is present if the pointer register in the ModR/M byte is ESP.
SIB: [BASE+INDEX*2^SS]
BIT:  0 1 2   3 4 5   6 7
      BASE    INDEX   SS
Exceptions: if index=esp it means that the index is not used, and SS must
be zero;
if modrm=00???100 and base=ebp the base is not used
and displacement=32bits.
For more detailed information go to intel.com.
¿Are you writing an assembler?


Orlando Llanes
Jul 1, 2002, 8:56:02 PM
"Gerhard W. Gruber" <spar...@gmx.at> wrote in message

> I have written a disassembler once, but I dont remember all the details
> ...

> You can download it from the net (use google) or send me an email.

I have the 3 Volumes printed out, but thanks! Unfortunately, it's
ambiguous in the special cases of SIB encoding. I'm programming an
assembler, so I need to understand how the SIB encoding works to correctly
process 32-bit addressing modes.

Here are Intel's exact words with certain details left out...

"
Table X.Y 32-bit addressing forms with the SIB byte

....
r32 ... [*] ...
Base = ... 5 ...
Base = ... 101 ...
....

NOTE:
1. The [*] nomenclature means a disp32 with no base if MOD is 00, [EBP]
otherwise. This provides the following address modes:

disp32[index] (MOD=00).
disp8[EBP][index] (MOD=01).
disp32[EBP][index] (MOD=10).
"

BTW, I labelled the table as X.Y because in Intel's Architecture doc
it's 2.3, but in Borland's TASM 2(3?) Quick Ref it's 4.4.

Looking back on it, what I'm mainly thrown off by is a discrepancy
between Intel's docs and Borland's Quick Ref. Borland says "[ESP]
otherwise", but Intel says "[EBP] otherwise". Obviously Intel has the
"final" word, but it's still confusing.

In the case of MOD=01 and MOD=10 I understand that an 8-bit displacement
and a 32-bit displacement, respectively, must be present if EBP is used as a
base register. But what does Intel mean by the case of MOD=00 when they say
a "32-bit displacement along with the index, [EBP] otherwise"?

Thanks!


See ya!
Orlando

Orlando Llanes
Jul 1, 2002, 8:56:05 PM
"Octavio Vega Fernández" <9331...@terra.es> wrote in message...

> sib is present if pointer register in modrm byte is ESP
> ...
> and displacement=32bits

That clears things up a bit. I _think_ I'm beginning to understand the
case of MOD=00. If an index is present with no base, then a 32-bit
displacement must be present. Otherwise if MOD=01 or MOD=10 then the
reference is EBP as the base register along with whatever register is used
as the index.
Am I on the right track?


> ¿are you writing an assembler?

Yes.

Thanks!


See ya!
Orlando

Sebastian Weiser
Jul 3, 2002, 4:17:18 PM
On Tue, 2 Jul 2002 00:56:02 +0000 (UTC), Orlando Llanes wrote:

> Looking back on it, what I'm mainly thrown off by is a discrepancy
>between Intel's docs and Borland's Quick Ref. Borland says "[ESP]
>otherwise", but Intel says "[EBP] otherwise". Obviously Intel has the
>"final" word, but it's still confusing.

"[EBP] otherwise" is correct.

> In the case of MOD=01 and MOD=10 I understand that an 8-bit displacement
>and a 32-bit displacement, respectively, must be present if EBP is used as a
>base register.

If you use only one register for addressing (like [eax] or [edi], not
[eax+edi]) and no scaling, you only need a ModR/M byte, no SIB byte.

The register used for addressing covers bits 2:0 of the ModR/M byte
(called the r/m field). I'm not sure if we can call this either "index"
or "base"; these terms only make sense if both are specified:
[base+index*scale].
The MOD field (bits 7:6) tells us if a displacement to the register is
given: 00 -> no disp, 01 -> disp8, 10 -> disp32.

Quite easy up to here. Now, two special cases must be observed: the code
101 for the r/m field along with mod=00 specifies the use of only a
displacement, without a register. This code would otherwise be used for
[ebp]. To address with [ebp], we must code [ebp+0], using a displacement
of 0 and mod=01.

The second special case is code 100. This indicates that a SIB byte is
following the ModR/M byte, which holds the registers to be used. In
contrast to r/m=101, the SIB byte is used even for MOD=01 and 10.
Therefore, we can't code the address [esp] or [esp+disp] with only the
ModR/M byte. The MOD field has the same meaning as with the "normal"
cases, it tells the presence and size of the displacement (now relative
to the address specified by the SIB byte).


The SIB byte contains two registers, base (bits 2:0) and index (5:3).
Again, one special case: index=100 means no index (only base).
Therefore, esp can never be the index.

>But what does Intel mean by the case of MOD=00 when they say
>a "32-bit displacement along with the index, [EBP] otherwise"?

With MOD=00, a 101 as the base in the SIB byte means that no register is
used as base, but only a displacement.
MOD=00 -> [disp32+index*scale]
MOD=01 -> [base+index*scale+disp8]
MOD=10 -> [base+index*scale+disp32]

Therefore, [ebp+eax*4] must be coded as [ebp+eax*4+0].


ModR/M byte:
  Bits 7-6   Bits 5-3   Bits 2-0
  mod        reg        r/m

  r/m   MOD=00     MOD=01        MOD=10         MOD=11
  000   [eax]      [eax+imm8]    [eax+imm32]    r/m is register
  001   [ecx]      [ecx+imm8]    [ecx+imm32]
  010   [edx]      [edx+imm8]    [edx+imm32]
  011   [ebx]      [ebx+imm8]    [ebx+imm32]
  100   [SIB]      [SIB+imm8]    [SIB+imm32]
  101   [imm32]    [ebp+imm8]    [ebp+imm32]
  110   [esi]      [esi+imm8]    [esi+imm32]
  111   [edi]      [edi+imm8]    [edi+imm32]

  [SIB] -> base=101 means disp32
  [SIB+imm8] and [SIB+imm32] -> base=101 means ebp


SIB byte:
  Bits 7-6   Bits 5-3   Bits 2-0
  Scale      Index      Base

Address = Base+Index*2^Scale

  Code (Base/Index/Scale)   Base          Index     Scale
  000                       [eax          +eax      *1]
  001                       [ecx          +ecx      *2]
  010                       [edx          +edx      *4]
  011                       [ebx          +ebx      *8]
  100                       [esp]         (none)
  101                       [ebp/disp32   +ebp
  110                       [esi          +esi
  111                       [edi          +edi

HTH, Sebastian
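The two special cases Sebastian lays out (r/m=100 as the SIB escape, so [esp] always needs a SIB byte; base=101 with mod=00 meaning "disp32, no base", so [ebp] and [ebp+index*scale] must carry a disp8 of 0; index=100 meaning "no index", so esp can never be an index) are exactly what an assembler's operand encoder has to get right. As an added example, not code from this thread or from either poster's assembler, here is a small Python encoder for 32-bit memory operands that applies those rules; the encode_mem function, its argument names and the register tables are my own naming.

```python
# Added example: encode a 32-bit memory operand [base + index*scale + disp]
# into ModR/M [+ SIB] [+ displacement], applying the ModR/M/SIB special cases.
REG = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3, "esp": 4, "ebp": 5, "esi": 6, "edi": 7}
SCALE = {1: 0, 2: 1, 4: 2, 8: 3}  # scale factor -> 2-bit SS field


def _disp(disp, size):
    # little-endian two's complement displacement, size = 1 (disp8) or 4 (disp32)
    return (disp & ((1 << (8 * size)) - 1)).to_bytes(size, "little")


def encode_mem(reg, base=None, index=None, scale=1, disp=0):
    """Return the bytes that follow the opcode for the operand
    [base + index*scale + disp]. 'reg' is the 3-bit ModR/M reg field
    (register number or opcode extension); the opcode itself is the caller's."""
    if index == "esp":
        raise ValueError("esp cannot be an index: index=100 means 'no index'")
    if scale not in SCALE:
        raise ValueError("scale must be 1, 2, 4 or 8")
    if base is None and index is None:
        # pure [disp32]: mod=00, r/m=101, a 32-bit displacement always follows
        return bytes([(reg << 3) | 5]) + _disp(disp, 4)
    if base is None:
        # [disp32 + index*scale]: r/m=100 (SIB), mod=00, SIB base=101 = "no base"
        sib = (SCALE[scale] << 6) | (REG[index] << 3) | 5
        return bytes([(reg << 3) | 4, sib]) + _disp(disp, 4)
    # With a base register, mod selects the displacement size. [ebp] has no
    # mod=00 form (that code means [disp32]), so it is coded as [ebp+disp8=0].
    if disp == 0 and base != "ebp":
        mod, tail = 0, b""
    elif -128 <= disp <= 127:
        mod, tail = 1, _disp(disp, 1)
    else:
        mod, tail = 2, _disp(disp, 4)
    if index is None and base != "esp":
        # plain [base(+disp)]: r/m names the register directly, no SIB byte
        return bytes([(mod << 6) | (reg << 3) | REG[base]]) + tail
    # SIB needed: there is an index, or the base is esp (r/m=100 is the SIB
    # escape, so [esp] is coded as SIB with base=esp and index=100 = "none")
    idx = 4 if index is None else REG[index]
    ss = 0 if index is None else SCALE[scale]  # SS must be 0 with no index
    sib = (ss << 6) | (idx << 3) | REG[base]
    return bytes([(mod << 6) | (reg << 3) | 4, sib]) + tail
```

With opcode 8B (mov r32, r/m32) and reg=0 (eax), encode_mem(0, base="esp") yields 04 24 and encode_mem(0, base="ebp", index="eax", scale=4) yields 44 85 00, the two cases the thread is about.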

Gerhard W. Gruber
Jul 3, 2002, 4:56:03 PM
On Tue, 2 Jul 2002 00:56:02 +0000 (UTC) wrote "Orlando Llanes"
<o...@hotmail.com> in comp.lang.asm.x86 with
<Rj6U8.1447$8b1.64...@newssvr15.news.prodigy.com>

> I have the 3 Volumes printed out, but thanks! Unfortunately, it's
>ambiguous in the special cases of SIB encoding. I'm programming an

It's not ambiguous because I know I got all the information from it. :)
Unfortunately that was two years ago and I must say that I don't remember all
the details. :( I have looked into the source code and I haven't commented
enough it seems, so it would take me some time to get into the decoder process
again. But I remember that the MOD-R/M, SIB bytes gave me some headache as well
until I understood how they worked. I know that I knew it, because my
disassembler can handle them. So this means it will take some time until I can
dig out that information again.

Octavio Vega Fernández
Jul 5, 2002, 2:44:51 PM

Orlando Llanes wrote in message ...
-bit
>displacement must be present. Otherwise if MOD=01 or MOD=10 then the
>reference is EBP as the base register along with whatever register is used
except ESP, which can't be used as index.

>as the index.
> Am I on the right track?
yes

>> ¿are you writing an assembler?
>
> Yes.
I'm too.
>
> Thanks!
>
>See ya!
>Orlando

Orlando Llanes
Jul 6, 2002, 8:55:58 AM

"Sebastian Weiser" <s.we...@berlin.de> wrote...

> If you use only one register for addressing (like [eax] or [edi], not
> ...
> 111 [edi +edi

That's very thorough :) Thanks!


See ya!
Orlando
