heya,
this is a formatted version of all The Svin's opcodes tutorials in a doc format.
i hope The Svin won't be mad at me cuz of this :) :grin:
Posted on 2003-03-18 00:11:38 by wizzra
Nice.... :grin:
Posted on 2003-03-18 00:41:38 by roticv
wizzra,
I'm not mad of course,
the tuts are kind of a 'primary sketch'; after they are all done and all supplying
software is finished, the whole picture will be clearer and
they will be rewritten and restructured, maybe, to make them better.
One of many reasons why I post them here is to read suggestions from
people about them.
So thanks for your work.

First, a couple of things that came to my mind when I had a first glance
at the doc:
1. The last part is missing - that part was uploaded as an OEM ASCII file
(about bits in the code block field). And in the future I'm going to send
the next parts as zipped ASCII files with OEM pseudo-gfx.
2. Something needs to be done about alignment; there is some data that
looks best when it is in a table, aligned in columns.
An example of the kind of data might be the last part of the
file, where the data needed to be aligned in three columns:

1.address format 2.size of format 3. parts (blocks)

In the present format the data is shifted in different directions
and thus almost unreadable.


To the few people who still read the Opcode tuts I can say - it is not
even close to an end :)
There will be more new interesting stuff about opcode construction
and work. I wrote 3 new parts but just can't force myself to translate them
into English. :)

New educational apps are being written as well.
I still think the fastest and most comprehensive way to understand the
material is practicing with the apps (muldiv is even better - try it!)
and constructing opcodes in a debugger as primary exercises; and
reading the tuts is secondary, auxiliary and reference work.
Practice in dealing actively with the real thing is actually the shortest way
to effectively get deep understanding.
There is a very popular wrong assumption that if you have a lot
of time then you may both read and practice, and if you don't have
a lot of time you can just read.
Nothing can be as wrong as that.
The shortest way if you have limited time is practicing, using docs
just as reference when needed.
The best way of course is careful reading and creative practice.
But I want to stress again - dealing with real things is the shortest
way to understand, while just reading may give even a wrong impression
of the subject if you don't check your questions and ideas
in reality.
Posted on 2003-03-18 05:44:29 by The Svin
heya The Svin :)
yeah, i think a few things such as tables etc. would make some stuff clearer and will make things much more readable, i will work on that from time to time..
i formatted your tuts while reading them.

about opcodes, is there any end to this? hehe i feel sorry for the intel guys who designed it, that was probably a hell of a job to do!
the smallest bit could turn ur mnemonic into a whole new mnemonic hehe [ ie: bit d/w]
this stuff makes me very confused after reading too much..
practicing is a good thing indeed!

i hope new tuts will come so we can expand our knowledge more!
keep up the good work The Svin :alright: u've done more than enough!
Posted on 2003-03-18 07:13:37 by wizzra

the smallest bit could turn ur mnemonic into a whole new mnemonic hehe [ ie: bit d/w]
this stuff makes me very confused after reading too much..

I've just started writing a d\w opcode model demonstration app.
Try to play with it; it might help understanding.
It is just started, only the reference page is finished.
Test parts will come later.
You may change bits d,w by clicking on the d,w labels.
Change code blocks by pressing the instruction buttons.
And set values for regs by pressing the buttons below the cod/r mem/r labels.
Posted on 2003-03-20 14:14:39 by The Svin
The Svin - very nice tool. hope to get more in the future
Posted on 2003-03-20 15:38:56 by eko
Heya The Svin.

great tool so far!
however i found a weird behaviour:

... <normal>
... <normal>
clicking on MOV shows OR
clicking on OR shows SBB
...
...
clicking on SUB shows XOR
clicking on XOR shows XOR
Posted on 2003-03-20 16:24:17 by wizzra
:)
Forgot to put a record for mov :))
Thanks for the report.
Here it is fixed:
Posted on 2003-03-20 16:40:15 by The Svin

The Svin - very nice tool. hope to get more in the future

Thanks, eko
There are two similar tools in the Opcode #7 section
with both reference and "test your knowledge" parts.
They are training apps supplying the tuts.
Posted on 2003-03-20 17:55:55 by The Svin
The Svin,
is there an end to those opcode combinations? hehe
i already got 80mb of those combinations =)
i feel sorry for the intel guys hehe.
but i wonder how a disasm engine would decode such stuff, i mean, there is a lot of work to be done..
i looked around at olly's engine, seems not that hard to figure out..but maybe because he's good!
what do you think would be the best approach for decoding opcodes?
trying to pick bits by bits is fairly unreal.
at olly, i saw he uses masks which are ANDed with a dword ..etc
* prefixes are searched first!
Posted on 2003-03-20 18:28:13 by wizzra
wizzra, it's not so hard really.
But we'll talk about it when the opcode tuts are finished and the whole opcode construction system is clear to you.
If you need it faster you may try your luck with people
like betov or Privalov.
They are real gurus in writing mnemonic decoding\encoding.
I'm just a humble low level coder, who happened to
know opcode construction from coding practice, and is trying now to explain the basics of it.
For a starter, regcode.exe and muldivop.exe
in opcode #7 train your ability of encoding\decoding particular fundamental fields, and supply reference on them; there will be further deeper training apps to understand other fundamental parts of decoding\encoding. Practice with them, after that there will be progressively more complex programs, until there will be
the last programs and the whole picture will be absolutely clear to you.
You don't need to memorize opcodes to decode\encode.
You need to understand the rules of construction,
i.e. meaning and purpose of bit fields, order of decoding
etc.
Posted on 2003-03-21 16:12:33 by The Svin
thnx The Svin!
i'll wait for those tools which will aid me in coding a disasm engine [ since i am short of time, i'll make it pretty slow/unoptimized]
thus, i wrote some small code for recognizing mod 11's MOV instruction so far.
something like this:


case 0x8B: // bit w = 1 (32-bit operands), bit d = 1 (reg <- r/m)
{
    // Only the register-to-register form is handled: mod field (top two bits) == 11
    if(((BYTE)Opcode[i+1] & 0xC0)==0xC0) // MOV XXX,XXX (bit 'd' = 1, <-)
    {
        BYTE reg1,reg2;

        reg2=((BYTE)Opcode[i+1]&0x07);     // r/m field (bits 2..0) = source, since d = 1
        reg1=((BYTE)Opcode[i+1]&0x38)>>3;  // reg field (bits 5..3) = destination
        wsprintf(menemonic,"mov %s,%s",regs[REG32][reg1],regs[REG32][reg2]);
        strcpy(Disasm->Assembly,menemonic);
        strcpy(Disasm->Remarks,"");
        wsprintf(menemonic,"8B%02X",(BYTE)Opcode[i+1]); // hex dump of opcode + ModR/M
        strcpy(Disasm->Opcode,menemonic);
        Disasm->OpcodeSize=2;
        ++(*Index);                        // consume the ModR/M byte
    }
}
break;


it's kinda ugly code, but heck, i need to make the whole engine till the end of this year :P
Posted on 2003-03-21 18:55:45 by wizzra
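A small decoder for the register-to-register MOV family (opcodes 88..8B) that shows how the d and w bits discussed earlier in the thread and the ModR/M fields from the snippet above combine into one rule instead of one case per opcode. This is an added example, not code from the thread or from The Svin's apps; the register tables, the function name decode_mov_rr and the sample bytes are my own.

```c
#include <stdio.h>
#include <string.h>

/* Register names indexed by a 3-bit reg/rm field; the w bit picks the table. */
static const char *regs8[8]  = {"al","cl","dl","bl","ah","ch","dh","bh"};
static const char *regs32[8] = {"eax","ecx","edx","ebx","esp","ebp","esi","edi"};

/* Decode a two-byte register-to-register MOV (opcode 100010dw, mod == 11).
   Returns the instruction length (2) on success, 0 if the bytes are not
   such an instruction. The mnemonic is written to out. */
int decode_mov_rr(const unsigned char *code, size_t len, char *out, size_t outsz)
{
    if (len < 2) return 0;
    unsigned char op = code[0], modrm = code[1];
    if ((op & 0xFC) != 0x88) return 0;      /* keep only the 100010xx pattern */
    if ((modrm & 0xC0) != 0xC0) return 0;   /* only mod = 11 is handled here */
    int d = (op >> 1) & 1;                  /* direction: 1 = reg field is the destination */
    int w = op & 1;                         /* width: 0 = 8-bit regs, 1 = 32-bit regs */
    int reg = (modrm >> 3) & 7;             /* bits 5..3 */
    int rm  = modrm & 7;                    /* bits 2..0 */
    const char **names = w ? regs32 : regs8;
    const char *dst = d ? names[reg] : names[rm];
    const char *src = d ? names[rm]  : names[reg];
    snprintf(out, outsz, "mov %s,%s", dst, src);
    return 2;
}

int main(void)
{
    /* Constructed samples: 8B C8 and 89 C1 both encode mov ecx,eax (d = 1 vs d = 0). */
    const unsigned char samples[][2] = {{0x8B,0xC8}, {0x89,0xC1}, {0x88,0xC1}, {0x8A,0xC1}};
    char buf[32];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (decode_mov_rr(samples[i], 2, buf, sizeof buf))
            printf("%02X %02X  %s\n", samples[i][0], samples[i][1], buf);
    return 0;
}
```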
About the Disasm Engine. I have some knowledge to make it. But I'm focused on the assembler first. It's more uneasy to make a Compiler than a Disassembler.:grin:
Posted on 2003-03-27 01:27:11 by realvampire
hope to get more in the future

I've finished it and posted to Opcode #7
Posted on 2003-03-28 13:42:05 by The Svin
Hi wizzra ;),

Hi The Svin =)

So, wizzra, won't u make a new .doc with the new articles by The Svin? n plz include the sample .zip if he doesn't mind =)

PS: gr8 job :alright:

cya
CuTedEvil
Posted on 2003-07-10 02:56:28 by CuTedEvil
CutedEvil =)
there is only 1 new chapter, which i will include in the book; i also need to reformat the new chapter.
as for the zip files, u can download them right from this forum :)
Posted on 2003-07-10 03:42:53 by wizzra

thnx The Svin!
i'll wait for those tools which will aid me in coding a disasm engine [ since i am short of time, i'll make it pretty slow/unoptimized]
thus, i wrote some small code for recognizing mod 11's MOV instruction so far.
something like this:


case 0x8B: // bit w = 1 (32-bit operands), bit d = 1 (reg <- r/m)
{
    // Only the register-to-register form is handled: mod field (top two bits) == 11
    if(((BYTE)Opcode[i+1] & 0xC0)==0xC0) // MOV XXX,XXX (bit 'd' = 1, <-)
    {
        BYTE reg1,reg2;

        reg2=((BYTE)Opcode[i+1]&0x07);     // r/m field (bits 2..0) = source, since d = 1
        reg1=((BYTE)Opcode[i+1]&0x38)>>3;  // reg field (bits 5..3) = destination
        wsprintf(menemonic,"mov %s,%s",regs[REG32][reg1],regs[REG32][reg2]);
        strcpy(Disasm->Assembly,menemonic);
        strcpy(Disasm->Remarks,"");
        wsprintf(menemonic,"8B%02X",(BYTE)Opcode[i+1]); // hex dump of opcode + ModR/M
        strcpy(Disasm->Opcode,menemonic);
        Disasm->OpcodeSize=2;
        ++(*Index);                        // consume the ModR/M byte
    }
}
break;


it's kinda ugly code, but heck, i need to make the whole engine till the end of this year :P


Wizzra, it will be a pain case-ing it one by one. 'And' the first byte with 0xF0. And then translate it to ASCII. And then compare it with your DataBase.

    and al,FD
    invoke dw2a,al,addr Bupper
    invoke ArrayFunction,Pos,lpFile,addr Bupp
    invoke CmpString, addr Bupp, addr Bupper,eax

Near, Far, like that. Also, it will be more painful coding it in C. The size is big.
Posted on 2003-07-10 06:46:38 by realvampire
ah, this is kinda old code :)
i do it a little differently now, but as i said, i have no time to make fully optimized stuff as the engine should be coded as fast as i can, also i need to continue the gui..
kinda w32dasm alike, i have an idea to add a debugger as well...but heck..lots of work, too little time...
Posted on 2003-07-10 13:33:08 by wizzra
nice-- B)
Posted on 2003-07-16 21:35:46 by Tweak