Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
is mov eax,[xxxxxxxx] 5 byte code or 6 byte code?

supercharger
Advanced Cheater
Reputation: 0

Joined: 06 Aug 2009
Posts: 61

PostPosted: Tue Feb 09, 2010 2:34 pm    Post subject: is mov eax,[xxxxxxxx] 5 byte code or 6 byte code?

i found different opcodes for the same instruction, such as
mov eax,[xxxxxxxx].
and most of the time CE generates 6 byte code. why is that?

another thing, is it possible that CE generated codes be incompatible with AMD CPU or Win7 / Vista ? i mean, a game originally works with AMD/Vista, after inserting codes generated by CE, the game doesn't work with AMD/Vista, but still works with INTEL / WinXP .
Recifense
I post too much
Reputation: 166

Joined: 17 Mar 2008
Posts: 3688
Location: Pernambuco - Brazil

PostPosted: Wed Feb 10, 2010 7:06 am    Post subject:

Quote:
found different opcodes for the same instruction, such as
mov eax,[xxxxxxxx].
and most of the time CE generates 6 byte code. why is that?


mov eax,[address] => A1+32bitsADDRESS => it is five bytes long.

mov eax,[12345678] => A1 78 56 34 12

A1 = Opcode
78 56 34 12 = Parameter

The parameter can change, but the Opcode will always be A1 for this instruction.

Cheers!
Dark Byte
Site Admin
Reputation: 471

Joined: 09 May 2003
Posts: 25835
Location: The netherlands

PostPosted: Wed Feb 10, 2010 9:02 am    Post subject:

mov eax,[eax+01235678] = 8b 80 + 32bit address
In that case, 6 bytes

and mov eax,[eax+eax*4] = 8b 04 80
3 bytes

as for incompatible with amd, only if you use instructions that are incompatible with amd yourself

_________________
Do not ask me about online cheats. I don't know any and wont help finding them.

Like my help? Join me on Patreon so i can keep helping
Psy
Grandmaster Cheater Supreme
Reputation: 1

Joined: 27 Mar 2008
Posts: 1366

PostPosted: Wed Feb 10, 2010 9:06 am    Post subject: Re: is mov eax,[xxxxxxxx] 5 byte code or 6 byte code?

What the guys said ^

And..
Quote:
another thing, is it possible that CE generated codes be incompatible with AMD CPU or Win7 / Vista ? i mean, a game originally works with AMD/Vista, after inserting codes generated by CE, the game doesn't work with AMD/Vista

I'm not sure this is the issue; it'd be hard for you to do this :/ You'd have to be using some instruction set such as SSE3/4 which a modern Intel CPU would be able to handle but not an AMD; although you'd have to define these yourself (using 'DB' and then the byte array) as the auto-assembler won't parse these.
supercharger
Advanced Cheater
Reputation: 0

Joined: 06 Aug 2009
Posts: 61

PostPosted: Wed Feb 10, 2010 10:55 am    Post subject:

sorry i made a mistake. the problem is like this.

the following codes were all generated by CE:
89 05 b8 74 53 00 - mov [005374b8],eax
a3 f8 2f 53 00 - mov [00532ff8],eax
89 05 f8 2f 53 00 - mov [00532ff8],eax
a3 c8 1d 4f 00 - mov [004f1dc8],eax

see the 2nd and 3rd line, i wrote the same instruction and CE generated different codes, one 5 byte, the other 6 byte.
is there any difference in function between these codes?
and i also met other cases where different opcodes are interpreted as the same instruction, such as
03 c1 - add eax,ecx
01 c8 - add eax,ecx
the 1st line was taken from a game, CE generates the 2nd line every time i type the instruction. i was afraid they have different functions so i rewrote the code to "03 c1" by menu "fill memory" (sometimes i can't confirm whether there are wrong codes only by checking the appearance of the game)
Recifense
I post too much
Reputation: 166

Joined: 17 Mar 2008
Posts: 3688
Location: Pernambuco - Brazil

PostPosted: Thu Feb 11, 2010 7:55 am    Post subject:

Hi,

According to "IA-32 Intel® Architecture Software Developer’s Manual" all the instructions you cited are correct. Please take a look:


Code:

Opcode     Instruction      Description

04 ib     ADD AL,imm8       Add imm8 to AL
05 iw     ADD AX,imm16      Add imm16 to AX
05 id     ADD EAX,imm32     Add imm32 to EAX
80 /0 ib  ADD r/m8,imm8     Add imm8 to r/m8
81 /0 iw  ADD r/m16,imm16   Add imm16 to r/m16
81 /0 id  ADD r/m32,imm32   Add imm32 to r/m32
83 /0 ib  ADD r/m16,imm8    Add sign-extended imm8 to r/m16
83 /0 ib  ADD r/m32,imm8    Add sign-extended imm8 to r/m32
00 /r     ADD r/m8,r8       Add r8 to r/m8
01 /r     ADD r/m16,r16     Add r16 to r/m16
01 /r     ADD r/m32,r32     Add r32 to r/m32   <---- add eax,ecx (ok)
02 /r     ADD r8,r/m8       Add r/m8 to r8
03 /r     ADD r16,r/m16     Add r/m16 to r16
03 /r     ADD r32,r/m32     Add r/m32 to r32   <---- add eax,ecx (ok)


Code:

Opcode    Instruction       Description

88 /r     MOV r/m8,r8       Move r8 to r/m8
89 /r     MOV r/m16,r16     Move r16 to r/m16
89 /r     MOV r/m32,r32     Move r32 to r/m32         <---- mov [m32],eax (ok)
8A /r     MOV r8,r/m8       Move r/m8 to r8
8B /r     MOV r16,r/m16     Move r/m16 to r16
8B /r     MOV r32,r/m32     Move r/m32 to r32
8C /r     MOV r/m16,Sreg**  Move segment register to r/m16
8E /r     MOV Sreg,r/m16**  Move r/m16 to segment register
A0        MOV AL,moffs8*    Move byte at (seg:offset) to AL
A1        MOV AX,moffs16*   Move word at (seg:offset) to AX
A1        MOV EAX,moffs32*  Move doubleword at (seg:offset) to EAX
A2        MOV moffs8*,AL    Move AL to (seg:offset)
A3        MOV moffs16*,AX   Move AX to (seg:offset)
A3        MOV moffs32*,EAX  Move EAX to (seg:offset)  <---- mov [moffs32],eax (ok) (only for EAX)
B0+ rb    MOV r8,imm8       Move imm8 to r8
B8+ rw    MOV r16,imm16     Move imm16 to r16
B8+ rd    MOV r32,imm32     Move imm32 to r32
C6 /0     MOV r/m8,imm8     Move imm8 to r/m8
C7 /0     MOV r/m16,imm16   Move imm16 to r/m16
C7 /0     MOV r/m32,imm32   Move imm32 to r/m32


Cheers!
supercharger
Advanced Cheater
Reputation: 0

Joined: 06 Aug 2009
Posts: 61

PostPosted: Thu Feb 11, 2010 9:56 am    Post subject:

thanks.

now, what i don't understand is why would CE generate different codes even if i type-in the same instruction.
if 2 opcodes have the same function, i would always prefer the shorter one (5 bytes for mov [00456789],eax).
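Added worked example (written for this page; it is not code from the thread or from Cheat Engine): a small decoder for the 32-bit MOV/ADD forms discussed above, covering Dark Byte's ModRM/SIB cases (8B 80 + disp32, 8B 04 80), supercharger's byte listings (03 C1 versus 01 C8, 89 05 versus A3) and the opcode tables Recifense quoted. It assumes 32-bit mode with no prefixes and only the four ModRM opcodes listed in the table below; the A1/8B 05 byte strings for a load from 12345678 are constructed for the demo. The `encode_store_eax` helper answers the last question: both encodings of `mov [addr],eax` are legal, they do the same thing, and only their length differs.

```python
# Added example, not part of the original thread or of Cheat Engine.
# Minimal decoder for the 32-bit MOV/ADD encodings discussed in the thread.
# Assumptions: 32-bit operand/address size, no prefixes, only the opcodes below.
import struct

REGS32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

# opcode -> (mnemonic, operand order). "rm,r": the ModRM r/m field is the
# destination and the reg field the source; "r,rm": the other way round.
# This is why 03 C1 and 01 C8 both disassemble as "add eax,ecx".
OPCODES = {
    0x01: ("add", "rm,r"),   # ADD r/m32,r32
    0x03: ("add", "r,rm"),   # ADD r32,r/m32
    0x89: ("mov", "rm,r"),   # MOV r/m32,r32
    0x8B: ("mov", "r,rm"),   # MOV r32,r/m32
}


def _disp(code, i, fmt):
    """Read a little-endian displacement with struct format fmt at code[i]."""
    return struct.unpack_from(fmt, code, i)[0], i + struct.calcsize(fmt)


def decode_modrm(code, i):
    """Decode the ModRM byte at code[i], plus any SIB byte and displacement.

    Returns (reg_field, operand_text, index_of_next_byte)."""
    modrm = code[i]
    i += 1
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if mod == 3:                       # register-direct operand
        return reg, REGS32[rm], i
    parts = []
    if rm == 4:                        # SIB byte follows (base + index*scale)
        sib = code[i]
        i += 1
        scale, index, base = 1 << (sib >> 6), (sib >> 3) & 7, sib & 7
        if base == 5 and mod == 0:     # no base register, disp32 instead
            disp, i = _disp(code, i, "<I")
            parts.append(f"{disp:08x}")
        else:
            parts.append(REGS32[base])
        if index != 4:                 # index 100b means "no index"
            parts.append(REGS32[index] if scale == 1 else f"{REGS32[index]}*{scale}")
    elif rm == 5 and mod == 0:         # absolute disp32, no base register (the 89 05 / 8B 05 form)
        disp, i = _disp(code, i, "<I")
        return reg, f"[{disp:08x}]", i
    else:
        parts.append(REGS32[rm])
    text = "+".join(parts)
    if mod == 1:                       # signed 8-bit displacement
        disp, i = _disp(code, i, "<b")
        text += f"{disp:+03x}"         # e.g. eax+10 or eax-10
    elif mod == 2:                     # 32-bit displacement, shown unsigned like CE does
        disp, i = _disp(code, i, "<I")
        text += f"+{disp:08x}"
    return reg, f"[{text}]", i


def decode(code):
    """Decode one instruction from bytes; return (text, length_in_bytes)."""
    op = code[0]
    if op == 0xA1:                     # MOV EAX,moffs32: opcode + 4-byte address, 5 bytes
        addr, n = _disp(code, 1, "<I")
        return f"mov eax,[{addr:08x}]", n
    if op == 0xA3:                     # MOV moffs32,EAX: the EAX-only short form, 5 bytes
        addr, n = _disp(code, 1, "<I")
        return f"mov [{addr:08x}],eax", n
    mnem, order = OPCODES[op]
    reg, rm_text, n = decode_modrm(code, 1)
    r = REGS32[reg]
    if order == "rm,r":
        return f"{mnem} {rm_text},{r}", n
    return f"{mnem} {r},{rm_text}", n


def encode_store_eax(addr):
    """Both valid encodings of 'mov [addr],eax': the EAX-only A3 short form
    (5 bytes) and the general 89 /r form with mod=00 rm=101 (6 bytes).
    Same effect on the CPU; only the length differs."""
    disp = struct.pack("<I", addr)
    return {"short": b"\xA3" + disp, "long": b"\x89\x05" + disp}


if __name__ == "__main__":
    # Byte strings quoted in the thread, plus two constructed ones for the
    # A1 / 8B 05 pair (a load from 12345678, as in Recifense's first reply).
    samples = ["03c1", "01c8", "8905b8745300", "a3f82f5300",
               "8b8078562301", "8b0480", "a178563412", "8b0578563412"]
    for hexstr in samples:
        text, n = decode(bytes.fromhex(hexstr))
        print(f"{hexstr:<14} {text:<26} {n} bytes")
    both = encode_store_eax(0x00532FF8)
    print(both["short"].hex(), both["long"].hex())
```

Running the block prints each byte string beside its disassembly and length; the two `add eax,ecx` lines and the two `mov [00532ff8],eax` lines decode to the same text, which is the point of the thread. An assembler that always emits the general 89 /r or 8B /r form is not wrong, just one byte longer than the EAX-only A3/A1 form, so when patching a fixed-size hole the length is the only thing to check.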