Hi guys, I need some help.
What is this? Why does it happen?
;When I compile my code and debug it for errors, I just noticed something, what numbering is this?
;For example, if this is my code:
push 1 ;6A 01 It makes sense to me, however... what I am about to type below does not make sense
push 199; 68 99 01 00 00 ;I thought it would have been 68 C7, whats up, why is in that format? Should it not be 68 C7? What exactly is this numbering format?
Thanks just curious what numbering format is being used, It doesn't seem like hex or binary to me, if it were hex it would be 68 C7, and if it were binary it would be 68 11 00 01 11
If it's a shift, what is it being shifted by?
PS: I am trying to make a compiler that will compile the following instructions:
ADD
CMP
SUB
MOV ;Having trouble with its hex values, ie Mov eax, 1000 has a weird value
NOP ;0x90
the 2-byte form is only valid for byte-sized signed values (-128 to +127)
try this code and see what the assembler generates
push -57
pop eax
then see what is in eax :bg
eax should be FFFFFFC7h
it gets sign-extended to a dword
How would I convert it so that my assembler can compile it? I had no problem making my assembler when all the functions were NOP lol, however I am having trouble with push, how would I make a function to generate the hex code of a push function that accepts one parameter?
What would be the formula for turning 199 into 99 01 00 00
and 100 into 00 10 00 00?
You said that it is in 2 byte form, how would I convert to that?
What are you compiling/assembling/disassembling with?
If PUSH 199 is assembling as 68 99 01 00 00 it is interpreting 199 as hexidecimal, and encoding it as 4 bytes, low order first
68 Opcode
99 LSB
01
00
00 MSB
PUSH 012345678h ; 0x12345678
Would be 68 78 56 34 12
In pseudo code
X = 0xDEADBEEF;
B[0] = 0x68; Opcode
B[1] = (BYTE)((X >> 0) & 0xFF);
B[2] = (BYTE)((X >> 8) & 0xFF);
B[3] = (BYTE)((X >> 16) & 0xFF);
B[4] = (BYTE)((X >> 24) & 0xFF);
it should be simple enough, David
if the operand evaluates to a value between -128 and +127, you can use the 2-byte form (6Ah opcode)
otherwise, you must push the full dword value (68h opcode)
a word of caution, though..
in this example, the assembler should be able to use the 2-byte form (although some assemblers may not)
SomeEquate EQU 12
.
.
.
push SomeEquate
in this example, the 5-byte form must always be used, as the value of "SomeEq" is unknown at assembly time
SomeEq = 12
.
.
.
push SomeEq
thank you very much guys, you made it much more clear for me :bg
Microsoft (R) Macro Assembler Version 6.15.8803 04/23/10 12:42:48
pushtest.asm Page 1 - 1
.386
.MODEL FLAT,C
00000000 .CODE
00000000 start:
00000000 6A 01 push 1
00000002 6A 02 push 2
00000004 6A 7F push 127
00000006 68 00000080 push 128
0000000B 68 000000C7 push 199
00000010 68 000000C8 push 200
00000015 68 000003E8 push 1000
0000001A 6A 7F push 7Fh
0000001C 68 00000080 push 80h
00000021 68 00000199 push 199h
00000026 6A FF push -1
00000028 6A FE push -2
0000002A 68 FFFFFC18 push -1000
0000002F 68 12345678 push 12345678h
00000034 68 DEADBEEF push 0DEADBEEFh
END start
Disassembly
00000000 _start:
00000000 6A01 push 1
00000002 6A02 push 2
00000004 6A7F push 7Fh
00000006 6880000000 push 80h
0000000B 68C7000000 push 0C7h
00000010 68C8000000 push 0C8h
00000015 68E8030000 push 3E8h
0000001A 6A7F push 7Fh
0000001C 6880000000 push 80h
00000021 6899010000 push 199h
00000026 6AFF push 0FFFFFFFFh
00000028 6AFE push 0FFFFFFFEh
0000002A 6818FCFFFF push 0FFFFFC18h
0000002F 6878563412 push 12345678h
00000034 68EFBEADDE push 0DEADBEEFh