/4在FF/4中是什么意思? [英] What does the /4 mean in FF /4?
问题描述
对于jmp给出FF /4,而接近绝对间接的jmp给出FF /5.
One site that I commonly refer to for x86 documentation has a few instruction codes with a slash and a number. For instance, jmp near absolute indirect gives FF /4, whereas jmp far absolute indirect gives FF /5.
/4和/5是什么意思?
为了进行快速的小测试,我附加了一个32位进程,分配了一点内存,并用汇编程序插入了jmp dword ptr[0x12345678].生成的字节码为FF 25 78563412.我了解地址的开头性,但是25与/4或/5有何关系?
To run a quick little test, I attached to a 32-bit process, allocated a bit of memory and had the assembler insert jmp dword ptr[0x12345678]; the generated bytecode was FF 25 78563412. I understand the address endianess, but how does the 25 relate to /4 or /5?
我的猜测是我生成了一个jmp,并且/5意味着有五个字节作为参数(地址为4个字节,地址为25则为1个字节).我仍然对25的来源感到困惑.
My guess is that I generated a jmp far, and that the /5 meant there were five bytes as parameters (4 bytes for the address + 1 byte for 25). I'm still confused as to where the 25 is coming from.
推荐答案
从《英特尔参考手册》的指令摘要表中的3.1.1.1操作码列"部分:
From the Intel Reference Manual, section "3.1.1.1 Opcode Column in the Instruction Summary Table":
- /位数-0到7之间的数字表示 该指令仅使用r/m(寄存器或存储器)操作数. reg字段 包含提供指令操作码扩展名的数字.
- /r —指示指令的ModR/M字节包含一个寄存器 操作数和一个r/m操作数.
- /digit — A digit between 0 and 7 indicates that the ModR/M byte of the instruction uses only the r/m (register or memory) operand. The reg field contains the digit that provides an extension to the instruction's opcode.
- /r — Indicates that the ModR/M byte of the instruction contains a register operand and an r/m operand.
通常在ModR/M字节的各种描述中也提到此符号,例如
This notation is also usually mentioned in the various descriptions of the ModR/M byte, e.g.
这篇关于/4在FF/4中是什么意思?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
