Home > Archive > A86 Assembler > May 2006 > [BIOS] How to calculate the destination by machine code ?

[BIOS] How to calculate the destination by machine code ?
liaoo

2006-04-28, 6:57 pm

Dear all,

I have a question about the content of BIOS :
( 512KByte BIOS , 0x00000~0x7ffff )

Let me briefly describe it ^_^

At power on, CPU will access the content in
address 0xFFFFFFF0 and then perform the
fetched code ( usually a far-jump...)

[ROM content]
address : 0007fff0   data : EA AA FF 00 F0
          ^^^^^^^^          ^^ ^^^^^^^^^^^
          first fetched     far jump to F000:FFAA
          code

According to above, we check the content in
address 0x007FFAA:
[ROM content]
address : 0007ffaa   data : B0 78 E6 80 E9 BF
                            ^^^^^ ^^^^^ ^^^^^
                             *1    *2    *3
*1 - machine code of assembly code "mov al, 78h"
*2 - machine code of assembly code "out 80h, al"
*3 - guess " near jump"....

My question is : how to interpret the machine code "E9 BF" ?
( E9 is the machine code for "jmp" and "BF" is ? )

One clue is : I know the destination after executing "E9 BF"
and that is address 0x00070260 ! ( within the same segment...)

Regards,
Jimmyliao

Charles Marslett

2006-05-14, 3:56 am

On 27 Apr 2006 22:40:37 -0700, "liaoo" <spamtrap@crayne.org> wrote:

>Dear all,
>
>I have a question about the content of BIOS :
>( 512KByte BIOS , 0x00000~0x7ffff )
>
>Let me briefly describe it ^_^
>
>At power on, CPU will access the content in
>address 0xFFFFFFF0 and then perform the
>fetched code ( usually a far-jump...)
>
>[ROM content]
>address : 0007fff0   data : EA AA FF 00 F0
>          ^^^^^^^^          ^^ ^^^^^^^^^^^
>          first fetched     far jump to F000:FFAA
>          code
>
>According to above, we check the content in
>address 0x007FFAA:
>[ROM content]
>address : 0007ffaa   data : B0 78 E6 80 E9 BF
>                            ^^^^^ ^^^^^ ^^^^^
>                             *1    *2    *3
>*1 - machine code of assembly code "mov al, 78h"
>*2 - machine code of assembly code "out 80h, al"
>*3 - guess " near jump"....
>
>My question is : how to interpret the machine code "E9 BF" ?
>( E9 is the machine code for "jmp" and "BF" is ? )
>
>One clue is : I know the destination after executing "E9 BF"
>and that is address 0x00070260 ! ( within the same segment...)
>
>Regards,
>Jimmyliao


There are a few disassemblers out there that can be used for this (I
used to have two or three, and I've even written one) -- but for a few
instructions you can look on the Intel and AMD web sites for the PDF
files that cover the x86 instruction set and look up the instruction
formatting.

In this case the near jump has a 1 byte signed operand. So it adds
that value to the address pointer (after the second byte has been
loaded) -- so it jumps to
(0007ffaa+6 = 0007ffb0, address after the instruction) + ffffffbf
= 0007ff6f (if my mental hex arithmetic hacks it)...

--Charles
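Added example, not part of either post: a minimal real-mode decoder for the handful of opcodes in the dump (far jump ptr16:16, MOV AL imm8, OUT imm8, and the two relative JMP encodings, EB with a signed byte and E9 with a signed word under 16-bit operand size), showing how a relative displacement is sign-extended and added to the offset of the following instruction, with the result wrapped to the 64 KB segment. The byte after "E9 BF" is not visible in the post, so the trailing 0x02 in ENTRY_CODE is a constructed value, and rom_offset assumes the 512 KB ROM is aliased at the top of the 1 MB real-mode address space, as the post's F000:FFF0 / 0007fff0 pairing implies.

```python
import struct

def decode_one(code, off, ip):
    """Decode the instruction at code[off:], which executes at offset `ip`
    within its code segment.  Returns (length, text, is_branch)."""
    op = code[off]
    if op == 0xEA:                              # JMP FAR ptr16:16: offset word, then segment word
        ofs, seg = struct.unpack_from("<HH", code, off + 1)
        return 5, f"jmp far {seg:04X}:{ofs:04X}", True
    if op == 0xB0:                              # MOV AL, imm8
        return 2, f"mov al, {code[off + 1]:02X}h", False
    if op == 0xE6:                              # OUT imm8, AL
        return 2, f"out {code[off + 1]:02X}h, al", False
    if op == 0xEB:                              # JMP rel8: one signed displacement byte
        (rel,) = struct.unpack_from("<b", code, off + 1)
        target = (ip + 2 + rel) & 0xFFFF        # relative to the *next* instruction, wraps in segment
        return 2, f"jmp short {target:04X}h", True
    if op == 0xE9:                              # JMP rel16: signed displacement word (16-bit operand size)
        (rel,) = struct.unpack_from("<h", code, off + 1)
        target = (ip + 3 + rel) & 0xFFFF
        return 3, f"jmp near {target:04X}h", True
    raise ValueError(f"opcode {op:02X}h not handled by this toy decoder")

def disassemble(code, ip):
    """Decode linearly starting at offset `ip`, stopping after the first branch."""
    listing, off = [], 0
    while off < len(code):
        length, text, is_branch = decode_one(code, off, ip)
        listing.append((ip, text))
        off, ip = off + length, (ip + length) & 0xFFFF
        if is_branch:
            break
    return listing

def rom_offset(seg, ofs, rom_size=0x80000):
    """Map a real-mode seg:ofs to an offset inside a ROM aliased at the top of the
    1 MB address space (assumption matching the post: F000:FFF0 -> 0x7FFF0)."""
    return ((seg << 4) + ofs) & (rom_size - 1)

# Bytes quoted in the post: the reset vector at F000:FFF0 ...
RESET_VECTOR = bytes.fromhex("EA AA FF 00 F0")
# ... and the code it lands on at F000:FFAA.  The post shows only "E9 BF";
# the trailing 0x02 is a CONSTRUCTED high byte so the rel16 arithmetic can be shown.
ENTRY_CODE = bytes.fromhex("B0 78 E6 80 E9 BF 02")

if __name__ == "__main__":
    for ip, text in disassemble(RESET_VECTOR, 0xFFF0) + disassemble(ENTRY_CODE, 0xFFAA):
        print(f"F000:{ip:04X}  (ROM {rom_offset(0xF000, ip):05X})  {text}")
```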

Copyright 2009 codecomments.com