Hello, In my code one of my lines is:
xor eax,eax
and when i disassemble that code with ndisasm (nasm dissasembler) xor eax,eax became xor ax,ax and when I put xor ax,ax in my code when i disassemble it it becomes xor eax,eax...
Is this normal behavior?Xor eax, eax and ax,ax both take the same amount of bytes but I'm curious if they even do the same thing and I'm wondering why eax,eax becomes ax,ax and vice versa.
xor eax,eax
and when i disassemble that code with ndisasm (nasm dissasembler) xor eax,eax became xor ax,ax and when I put xor ax,ax in my code when i disassemble it it becomes xor eax,eax...
Is this normal behavior?Xor eax, eax and ax,ax both take the same amount of bytes but I'm curious if they even do the same thing and I'm wondering why eax,eax becomes ax,ax and vice versa.
'xor eax, eax' and 'xor ax, ax' have the same opcodes (33 C0) but one of them has a prefix byte (66), depending on which mode the processor is in. In 16-bit mode, 33 C0 means 'xor ax, ax' and 66 33 C0 means 'xor eax, eax'. In 32-bit mode, 33 C0 means 'xor eax, eax' and 66 33 C0 means 'xor ax, ax'.
Your assembler and disassembler probably assume different modes (assembler uses 32-bit mode but disassembler assumes the code is written for 16-bit mode)
Thomas
Your assembler and disassembler probably assume different modes (assembler uses 32-bit mode but disassembler assumes the code is written for 16-bit mode)
Thomas
heh the stuff thats floating around in some ppls heads.... lol some ppl just know everything ;)
heh the stuff thats floating around in some ppls heads
Didn't read The Svin's opcode tutorial in the Algorithms forum, did you? :tongue: