
Is there a way to 'mov'e a specific immediate byte-size number into a direct memory location? I.e.

MOV 10h,ffffh

to write the value 16 into the memory address 65535? If so, which opcode is that, or would I have to store a memory address into a register first?

Peter Cordes
Nicholas Hill
  • In Intel syntax, `mov byte ptr [0ffffh], 10h`. In AT&T syntax, `movb $0x10, 0xffff`. Consult your assembler documentation for more details. – Raymond Chen Sep 13 '11 at 21:54

2 Answers


Yes. The opcode is C6. You should download a copy of the Intel ISA documents, which are freely available.

To your follow-up question: the full encoding of your example is:

  c6      04      25   ff ff 00 00   10
opcode  modr/m   sib     address     immediate
Stephen Canon
  • Thanks Stephen, however doesn't instruction C6 require an r/m byte? If that is the case, then the resulting instruction is only four bytes long, surely not enough to hold a complete memory address? – Nicholas Hill Sep 13 '11 at 22:16
  • @Nicholas Hill: the resulting instruction is *not* only 4 bytes long. – Stephen Canon Sep 13 '11 at 22:42
Intel Manual Volume 2 Instruction Set Reference - 325383-056US September 2015 Section 3.2 "MOV—Move" has a table which contains:

Opcode            Instruction
----------------  ----------------
C6 /0 ib          MOV r/m8, imm8
C7 /0 iw          MOV r/m16, imm16
C7 /0 id          MOV r/m32, imm32
REX.W + C7 /0 io  MOV r/m64, imm32

Then you must know that:

  • r/m means register or memory location
  • imm means immediate

So those are the encodings you are looking for.

More empirically you could also have just tried it out and decompiled:

mov byte [0x12345678], 0x9A

Then:

nasm -felf32 -o a.o a.asm
objdump -d a.o

Gives:

00000000 <.text>:
   0:    c6 05 78 56 34 12 9a    movb    $0x9a,0x12345678

So we conclude that c6 is the opcode, with ModR/M 05, and immediates following.

Ciro Santilli OurBigBook.com
  • https://www.felixcloutier.com/x86/mov has the manual entry you're quoting. [How to read the Intel Opcode notation](https://stackoverflow.com/a/53976236) details how to read the `/0` part (and the other answer there has info on reading the rest of the entry). – Peter Cordes Apr 13 '22 at 11:55
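The two answers above each show one encoding of the same instruction: Stephen Canon's `c6 04 25 ff ff 00 00 10` is the 64-bit-mode form (ModR/M 04 plus SIB 25, because in 64-bit mode ModR/M 05 would mean RIP-relative), and Ciro's `c6 05 78 56 34 12 9a` is the 32-bit-mode form (ModR/M 05 is a plain disp32 there). The following encoder is an added example, not code from either answer or from any assembler; it hand-assembles the four `MOV r/m, imm` rows from the quoted SDM table for an absolute address and reproduces both byte strings. It also goes slightly beyond the thread by handling 16-bit mode, where the asker's literal `mov byte [0ffffh], 10h` becomes `c6 06 ff ff 10` (ModR/M 06 = disp16); that row is from the ModR/M tables in the same manual, not from the answers. The function and parameter names are my own.

```python
"""Hand-encode MOV [absolute_address], imm from the Intel SDM MOV table (added example)."""
import struct

# Opcode table quoted in the answer above (Intel SDM Vol. 2, MOV):
#   C6 /0 ib          MOV r/m8,  imm8
#   C7 /0 iw          MOV r/m16, imm16
#   C7 /0 id          MOV r/m32, imm32
#   REX.W + C7 /0 io  MOV r/m64, imm32   (the imm32 is sign-extended to 64 bits)
# "/0" means ModR/M.reg = 000; the mod and r/m fields describe the memory operand.


def split_modrm(b):
    """Split a ModR/M (or SIB) byte into its 2/3/3 fields: (mod, reg, rm) or (scale, index, base)."""
    return (b >> 6) & 0b11, (b >> 3) & 0b111, b & 0b111


def encode_mov_mem_imm(address, imm, width, mode):
    """Return the bytes of MOV [address], imm using a displacement-only memory operand.

    width: operand size in bits (8, 16, 32, 64).  mode: CPU mode the code runs in (16, 32, 64).
    Only absolute (non-RIP-relative) addressing with a full-size displacement is handled.
    """
    if mode not in (16, 32, 64):
        raise ValueError("mode must be 16, 32 or 64")
    if width not in (8, 16, 32, 64):
        raise ValueError("width must be 8, 16, 32 or 64")
    if width == 64 and mode != 64:
        raise ValueError("a 64-bit operand needs REX.W, which only exists in 64-bit mode")
    max_addr = 0xFFFF if mode == 16 else 0xFFFFFFFF
    if not 0 <= address <= max_addr:
        raise ValueError("address does not fit the displacement size of this mode")

    out = bytearray()
    # 66h flips the operand size away from the mode's default (16 in 16-bit mode, else 32).
    default_width = 16 if mode == 16 else 32
    if width in (16, 32) and width != default_width:
        out.append(0x66)
    if width == 64:
        out.append(0x48)                 # REX.W
    out.append(0xC6 if width == 8 else 0xC7)

    # ModR/M with mod=00, reg=000 (/0), and the r/m value that means "displacement only":
    if mode == 16:
        out.append(0x06)                 # rm=110 -> [disp16]
        out += struct.pack("<H", address)
    elif mode == 32:
        out.append(0x05)                 # rm=101 -> [disp32]
        out += struct.pack("<I", address)
    else:
        # In 64-bit mode rm=101 means [RIP+disp32], so an absolute address needs a SIB byte:
        # rm=100 (SIB follows); SIB = scale 00, index 100 (none), base 101 (disp32, no base).
        out.append(0x04)
        out.append(0x25)
        out += struct.pack("<I", address)

    # Immediate: imm8/imm16/imm32 for widths 8/16/32; a sign-extended imm32 for the 64-bit form.
    if width == 64:
        if imm >= 1 << 63:
            imm -= 1 << 64               # accept the unsigned spelling of a negative 64-bit value
        if not -0x80000000 <= imm <= 0x7FFFFFFF:
            raise ValueError("MOV r/m64, imm32 cannot encode this value (needs MOV r64, imm64 + store)")
        out += struct.pack("<i", imm)
    else:
        mask = (1 << width) - 1
        if not -(1 << (width - 1)) <= imm <= mask:
            raise ValueError("immediate does not fit imm%d" % width)
        out += (imm & mask).to_bytes(width // 8, "little")
    return bytes(out)


if __name__ == "__main__":
    # The two encodings shown in the answers, plus the asker's literal example in 16-bit mode.
    print(encode_mov_mem_imm(0xFFFF, 0x10, 8, 64).hex(" "))        # c6 04 25 ff ff 00 00 10
    print(encode_mov_mem_imm(0x12345678, 0x9A, 8, 32).hex(" "))    # c6 05 78 56 34 12 9a
    print(encode_mov_mem_imm(0xFFFF, 0x10, 8, 16).hex(" "))        # c6 06 ff ff 10
```

To check any output against a real assembler, feed the same instruction to `nasm -f bin` with `bits 16`, `bits 32` or `bits 64` and compare with `xxd`; the 64-bit case is the one worth trying, because an assembler given `[0xffff]` in 64-bit mode will pick the SIB form shown here rather than the shorter RIP-relative ModR/M 05.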