flat assembler
Message board for the users of flat assembler.

What is the longest possible instruction encoding?

revolution 18 Mar 2023, 04:33
It is documented that the maximum allowable instruction length is 15 bytes for all 386+ CPUs. This limit is imposed by the decoder. For earlier CPUs, the 286 limit was 10 bytes, and the even earlier 186 and 8086 had no limit.

I tried to find instructions that reach the limits.

For 8086/186 it is too easy. We can get an infinite length instruction by simply adding more redundant prefixes. And after wrapping around at 64kB it will keep executing forever. But if the idea of redundant prefixes is not permitted then what are the longest instructions?

80286:
Code:
use16
lock add word[es:bx+di+0x1234],0x1234 ; longest I can find is 8 bytes
80386:
Code:
use16
lock add dword[fs:ebx+edi+0x12345678],0x12345678 ; 15 bytes
For 32-bit:
Code:
use32
lock add dword[fs:ebx+edi+0x12345678],0x12345678 ; only 13 bytes
vinserti64x4 zmm0,zmm1,[fs:ebx+edi+0x12345678],0x45 ; only 13 bytes
How about 64-bit mode?
Code:
use64
lock add qword[fs:ebx+edi+0x12345678],0x12345678 ; 15 bytes
Where are the missing bytes for use32? How to get 10 bytes on the 80286? All without cheating by using redundant or invalid prefixes?
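The byte-by-byte breakdown behind the lengths above, as an added example (Python, not code from the thread or from fasm). It encodes the same `lock add [fs:ebx+edi+0x12345678],0x12345678` instruction for 16-, 32- and 64-bit code, so you can see which prefixes account for the 15/13/15 counts, and it models the "cheating" case by prepending duplicate ES overrides. The prefix, opcode, ModRM and SIB byte values are the architectural x86 encodings; the function names and the `mode`/`redundant_prefixes` parameters are this example's own.

```python
"""Byte-level encoding of `lock add [fs:ebx+edi+0x12345678],0x12345678`
in 16-, 32- and 64-bit code, showing how each mode reaches (or misses)
the 15-byte decoder limit on 386+ CPUs.

Added example, not the thread's or fasm's code. Byte values are the
architectural x86 encodings; names and parameters are this example's own.
"""
from __future__ import annotations

MAX_INSN_LEN = 15  # decoder limit on 386 and later CPUs

DISP32 = 0x12345678
IMM32 = 0x12345678


def encode_parts(mode: int, redundant_prefixes: int = 0) -> list[tuple[str, bytes]]:
    """Return the instruction as an ordered list of (component, bytes).

    mode: 16, 32 or 64 (the use16/use32/use64 code size).
    redundant_prefixes: extra copies of the ES override (26h) prepended,
    i.e. the "cheating" the thread rules out; 0 gives a legitimate encoding.
    """
    if mode not in (16, 32, 64):
        raise ValueError("mode must be 16, 32 or 64")
    parts: list[tuple[str, bytes]] = []
    if redundant_prefixes:
        parts.append(("redundant ES prefixes", b"\x26" * redundant_prefixes))
    parts.append(("LOCK prefix", b"\xF0"))
    parts.append(("FS segment override", b"\x64"))
    if mode == 16:
        # 16-bit code needs both overrides to get a 32-bit operand and a
        # 32-bit [ebx+edi+disp32] address: these are the two bytes that
        # use32 does not need, hence 15 here versus 13 there.
        parts.append(("66h operand-size override", b"\x66"))
        parts.append(("67h address-size override", b"\x67"))
    elif mode == 64:
        # 64-bit code uses 67h for 32-bit addressing (ebx/edi) and REX.W
        # for the qword operand; REX must sit immediately before the opcode.
        parts.append(("67h address-size override", b"\x67"))
        parts.append(("REX.W", b"\x48"))
    parts.append(("opcode 81h (group 1 r/m, imm32)", b"\x81"))
    # ModRM: mod=10 (disp32 follows), reg=000 (/0 = ADD), rm=100 (SIB follows)
    parts.append(("ModRM 84h", b"\x84"))
    # SIB: scale=00, index=111 (edi), base=011 (ebx)
    parts.append(("SIB 3Bh", b"\x3B"))
    parts.append(("disp32", DISP32.to_bytes(4, "little")))
    parts.append(("imm32", IMM32.to_bytes(4, "little")))
    return parts


def encode(mode: int, redundant_prefixes: int = 0) -> bytes:
    """Flatten encode_parts() into the raw instruction bytes."""
    return b"".join(b for _, b in encode_parts(mode, redundant_prefixes))


def decoder_accepts(insn: bytes) -> bool:
    """True if a 386+ decoder would accept this instruction length."""
    return len(insn) <= MAX_INSN_LEN


def dump(mode: int, redundant_prefixes: int = 0) -> None:
    """Print the per-component breakdown and the total length."""
    parts = encode_parts(mode, redundant_prefixes)
    total = sum(len(b) for _, b in parts)
    flag = "" if total <= MAX_INSN_LEN else "  (exceeds the decoder limit)"
    print(f"use{mode}: {total} bytes{flag}")
    for name, b in parts:
        print(f"  {b.hex(' '):<24} {name}")


if __name__ == "__main__":
    for m in (16, 32, 64):
        dump(m)
    # 13 + 3 = 16 bytes: the only way past 15 is repeating a prefix.
    dump(32, redundant_prefixes=3)
```

To cross-check, assemble the same `use32` line with fasm to a flat binary and compare the output bytes with `encode(32)`; the two should match byte for byte. The `redundant_prefixes` case is deliberately something a real CPU rejects: an instruction longer than 15 bytes faults in the decoder, so it is not a usable encoding, only a demonstration of why the question excludes duplicated prefixes.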
Tomasz Grysztar 18 Mar 2023, 08:17
revolution wrote:
How to get 10 bytes on the 80286? All without cheating by using redundant or invalid prefixes?
It is not possible, as far as I know. My copy of 286 manual states this:
INTEL 80286 PROGRAMMER'S REFERENCE MANUAL wrote:
Do not Duplicate Prefixes. The 80286 sets an instruction length limit of 10 bytes. The only way to violate this limit is by duplicating a prefix two or more times before an instruction. Exception 6 occurs if the instruction length limit is violated. The 8086/8088 has no instruction length limit.

The 386 manual has its own version of this paragraph:
INTEL 80386 PROGRAMMER'S REFERENCE MANUAL wrote:
The 80386 sets a limit of 15 bytes on instruction length. The only way to violate this limit is by putting redundant prefixes before an instruction. Exception 13 occurs if the limit on instruction length is violated. The 8086/8088 has no instruction length limit.
revolution 18 Mar 2023, 08:50
I suspect there were some widely used applications for the 8086/186 that had redundant prefixes for 10-byte instructions. And Intel didn't want to break them all by imposing an 8-byte limit on the 286. The 286 would have been a commercial failure if it couldn't run the existing 8086 apps.
Copyright © 1999-2023, Tomasz Grysztar. Also on GitHub, YouTube.