
Re: x86 NULL selector's RPL effect?

Loading NULL with any RPL is allowed, since there's nothing to check. ARPL doesn't work on selectors; it's only for registers that you'd move into a selector later. You can load DS with 00. That doesn't introduce any issue because you'll still need to assign a non-zero selector later in order to …

Re: x86 BT* instructions overflow flag?

You might get the proper result with RCR/CF=0 but I never tried it. However, they're not the same - RCR with CF=0 introduces a zero-bit where there wasn't one before. If you ROL (not RCL) an 8-bit number by 8 bits, then carry receives a copy of bit 0. If you RCR the same with CF=0, you don't get the …
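To make the ROL-versus-RCR point in the post above concrete, here is a small C model of the two 8-bit rotates. This is an added example written for this page, not code from the post or from any project; it follows the Intel SDM pseudocode for ROL and RCR (count masked to 5 bits, RCR rotating through CF as a ninth bit), and the packed return value (CF in bit 8, result in bits 7..0) is a convention of this example only.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Software models of the 8-bit ROL and RCR instructions, following the
 * Intel SDM pseudocode. Each returns the new operand in bits 7..0 and the
 * resulting CF in bit 8 (the packed return value is a convention of this
 * example). cf_in is the value of CF before the instruction executes.
 */

/* ROL r/m8, imm8: CF does not take part in the rotation; after a non-zero
 * masked count it receives a copy of bit 0 of the result. A masked count
 * of zero leaves both the operand and CF untouched. */
static unsigned rol8(uint8_t dest, unsigned count, unsigned cf_in)
{
    unsigned masked = count & 0x1f;   /* the CPU masks the count to 5 bits */
    unsigned cf = cf_in & 1;
    if (masked != 0) {
        for (unsigned n = masked % 8; n != 0; n--)
            dest = (uint8_t)((dest << 1) | (dest >> 7));
        cf = dest & 1;
    }
    return (cf << 8) | dest;
}

/* RCR r/m8, imm8: CF is a ninth bit in the rotation (count is taken mod 9),
 * so each step shifts the current CF into bit 7 and the old bit 0 into CF. */
static unsigned rcr8(uint8_t dest, unsigned count, unsigned cf_in)
{
    unsigned masked = count & 0x1f;
    unsigned cf = cf_in & 1;
    for (unsigned n = masked % 9; n != 0; n--) {
        unsigned low = dest & 1;
        dest = (uint8_t)((dest >> 1) | (cf << 7));
        cf = low;
    }
    return (cf << 8) | dest;
}

static void show(const char *name, unsigned packed)
{
    printf("%-22s -> dest=0x%02X CF=%u\n", name, packed & 0xff, packed >> 8);
}

int main(void)
{
    /* ROL by 8: a full rotation, operand unchanged, CF = bit 0 of the result */
    show("rol8(0xFF, 8, CF=0)", rol8(0xFF, 8, 0));
    show("rol8(0x01, 8, CF=0)", rol8(0x01, 8, 0));
    /* RCR by 8 with CF=0: rotating the 9-bit CF:dest right by 8 is a rotate
     * left by 1, so the clear CF lands in bit 0 and the old bit 7 lands in CF.
     * The operand is no longer a pure rotation of itself: a zero bit was
     * introduced. */
    show("rcr8(0xFF, 8, CF=0)", rcr8(0xFF, 8, 0));
    show("rcr8(0x01, 8, CF=0)", rcr8(0x01, 8, 0));
    return 0;
}
```

Running it shows ROL by 8 returning the operand unchanged with CF equal to its bit 0, while RCR by 8 with CF clear returns 0xFE for 0xFF and 0x02 for 0x01, the zero bit the post describes.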

Re: What CPU state is reversed when a fault occurs?

How would you determine that? Easy, an interrupt or page fault can cause an exception that allows the flags to be examined. Other relevant registers (esi/edi/ecx) must also be updated on every repeat so the instruction can be resumed properly after an exception. No, that's not every iteration, …

Re: What CPU state is reversed when a fault occurs?

EFLAGS Don't think that's right, cmpsb/w and scasb/w with a rep prefix set new flags for every repetition. How would you determine that? It's true for single-step, but otherwise the performance hit to do it on every iteration makes it seem unlikely to me. Certainly on later Pentium CPUs, it's not …

Re: x86 Jcc vs address size?

Gosh. Indeed I have it entirely backwards. 0x66 is the override that affects all transfers of control: 9A/E0/E1/E2/E3/E8/E9/EA/EB/7x/0F 8x. There are no exceptions, except that it's 0x66 and not 0x67. That was my mistake. 400000: 66 EB 00 will jump to 0x0003.

Re: x86 Jcc vs address size?

So, according to the documentation, operand size (0x66) has effect on the opcodes themselves (e.g. 0F80 being 0x0F80XXXX vs 0x0F80XXXXXXXX), so just changing the immediate operand size. Yes. And with those 0F Jcc (0F80-0F8F) switch between EIP and IP depending on the effective address size ( …

Re: x86 Jcc vs address size?

Operand size (0x66) will switch between ECX and CX, and 32-bit or 16-bit immediate for 0F Jcc branches. It does nothing for rel8 Jcc. Address size (0x67) will switch between EIP and IP for the destination address if taken, including for rel8 Jcc.
