
In x86-64 assembly I have following instruction

mov        dx, word [esi-5]

Nasm 2.13.03 generates:

66 67 8B 56 FB 

yasm 1.3.0 generates:

67 66 8B 56 FB 

The `66 67` opcodes are modifiers, so `8B 56 FB` on its own is:

mov        edx, dword [rsi-5]

I noticed that:

66 8B 56 FB 

also evaluates to:

mov        dx, word [rsi-5]

I have two questions:
1) Why do nasm & yasm emit this `67` opcode byte padding? (`67` on its own is not enough to reduce edx to dx; it needs to include `66`.)
2) Is there a way to emit a shorter 4-byte instruction without `67` in nasm / yasm?

  • None of this makes sense. First of all, the instruction ends with `fb`, the `85` is part of the next instruction. Second, even then, `66 67 8b 46 fb` disassembles to `mov ax, word [esi-5]` which is not quite the same as you posted. Did you make a mistake transcribing this somewhere? – fuz Mar 25 '18 at 14:32
  • 67 should make the address into [esi-3] and without it it will be [rsi-3] so somewhere there’s a problem – Sami Kuhmonen Mar 25 '18 at 14:33
  • @fuz the last byte was redundant, I removed it. Anyway `66 8B 56 FB` in Hopper evaluates to `mov dx, word [rsi-3]` – Kamil.S Mar 25 '18 at 14:36
  • @Kamil.S No, that's not correct. `66 8b 56 fb` is `mov dx, word [rsi-5]`. Did you make an error transcribing this somewhere? – fuz Mar 25 '18 at 14:44
  • @fuz I hate to admit it, but I did; the difference is in `word [rsi-5]` vs `word [esi-5]` – Kamil.S Mar 25 '18 at 14:46
  • @Kamil.S Exactly, as Sami Kuhmonen already said. Unless you must ignore the high bits of `rsi` or rely on `esi` being sign extended, you can usually change `[esi-5]` to `[rsi-5]` without ill effect. – fuz Mar 25 '18 at 14:48

1 Answer


The question made a false assumption: that `66 8B 56 FB`

mov        dx, word [rsi-5]

is equivalent to `66 67 8B 56 FB` or `67 66 8B 56 FB`

mov        dx, word [esi-5]

`66` reduces edx to dx
`67` reduces [rsi-5] to [esi-5]

  • BTW, you might want `movzx edx, word [rsi-5]`, [to avoid potential partial-register slowdowns](https://stackoverflow.com/questions/41573502/why-doesnt-gcc-use-partial-registers) either from later reading edx, or on some CPUs to avoid a false dependency. Also, `0xFB = 256-5`. Your machine code definitely has a `-5` displacement, not `-3`. – Peter Cordes Mar 25 '18 at 22:00
  • @PeterCordes `movzx` is a very neat suggestion, much appreciated – Kamil.S Mar 26 '18 at 07:00
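As an added example (not code from the question, the answer, or nasm/yasm), here is a tiny decoder and encoder for the single instruction form discussed above: opcode `8B /r` with a mod=01 ModRM byte (base register plus sign-extended disp8) and optional `66`/`67` legacy prefixes. It shows that the two assemblers' byte orders decode identically, that `0xFB` is the disp8 for `-5`, and that the 4-byte `[rsi-5]` form is simply the same encoding without `67`. REX prefixes, SIB bytes and other addressing modes are deliberately out of scope.

```python
# Added example, not part of the original page: decode/encode the one form
# discussed here, `mov r16/32, [base+disp8]` (opcode 8B, ModRM mod=01),
# with the 66 (operand-size) and 67 (address-size) prefixes in any order.
REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
REG16 = ["ax", "cx", "dx", "bx", "sp", "bp", "si", "di"]
REG64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]


def decode_mov_disp8(code: bytes) -> str:
    """Decode one 64-bit-mode 'mov reg, [base+disp8]' instruction to text.

    Only the 66/67 legacy prefixes are understood; REX, SIB (rm=4) and other
    ModRM forms raise ValueError rather than being silently misdecoded.
    """
    i = 0
    opsize16 = addr32 = False
    while code[i] in (0x66, 0x67):     # legacy prefixes commute: 66 67 == 67 66
        if code[i] == 0x66:
            opsize16 = True            # 66: operand size 32 -> 16 (edx -> dx)
        else:
            addr32 = True              # 67: address size 64 -> 32 (rsi -> esi)
        i += 1
    if code[i] != 0x8B:
        raise ValueError("only opcode 8B (mov r, r/m) is supported")
    modrm = code[i + 1]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod != 1 or rm == 4:
        raise ValueError("only mod=01 with a plain base register is supported")
    # disp8 is sign-extended, so 0xFB means -5 (256 - 5), not -3
    disp = int.from_bytes(code[i + 2:i + 3], "little", signed=True)
    dst = REG16[reg] if opsize16 else REG32[reg]
    width = "word" if opsize16 else "dword"
    base = REG32[rm] if addr32 else REG64[rm]
    return f"mov {dst}, {width} [{base}{disp:+d}]"


def encode_mov_disp8(reg: int, base: int, disp: int, *,
                     opsize16: bool, addr32: bool) -> bytes:
    """Inverse of decode_mov_disp8; a prefix is emitted only when requested."""
    prefix = (b"\x66" if opsize16 else b"") + (b"\x67" if addr32 else b"")
    modrm = (1 << 6) | (reg << 3) | base          # mod=01, reg, rm
    return prefix + bytes([0x8B, modrm]) + disp.to_bytes(1, "little", signed=True)
```

Register numbers follow the ModRM encoding (`2` is edx/dx, `6` is esi/rsi), so `encode_mov_disp8(2, 6, -5, opsize16=True, addr32=False)` yields the 4-byte `66 8B 56 FB` the question was after.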