How to decode a problematic sequence of bytes properly

How to decode a problematic sequence of bytes properly

I decided to ask this question because I could not find the answer for it in the official Intel manuals. (I am sorry for placing this question probably in wrong thread/place).

My problem is that I have recently been trying to properly interpret
this sequence of code (ia32)

db 0x66, 0xF3, 0x0F, 0x10 (...)

Intel reference says that the sequence refers to either "movss Vss,
Wss" (prefix F3) or "movupd Vpd, Wpd" (prefix 66). The question arises
how this sequence should be recognized with both prefixes ? I've found
that many disassemblers give different results. In other words, how to decode these bytes properly?

which prefix should "win" and, thus, which sequence is proper:

db 0x66,
movss Vss, Wss


db 0xF3,
movupd Vpd, Wpd


I'd be grateful for help,
Regards notpyrc

3 posts / 0 new
Last post
For more complete information about compiler optimizations, see our Optimization Notice.

Hi notpyrc,

Intel manuals are poor when searching for such information (in such cases, they usually say the opcode is undefined, what is not true).

In this case, the best is real test. Because I'm using OllyDbg 1.10 now, which can't display XMM registers, I use the other opcode, 0F11.

I wrote the following (in MASM):


movupd_result XMMWORD ?
movss_result XMMWORD ?
x66F30F10_result XMMWORD ?

pxor xmm0, xmm0 ; set xmm0 to zero
movapd [movupd_result], xmm0 ; init all to zero
movapd [movss_result], xmm0
movapd [x66F30F10_result], xmm0

pcmpeqb xmm0, xmm0 ; set xmm0 to -1

movupd [movupd_result], xmm0
movss dword ptr [movss_result], xmm0

DB 066h, 0F3h, 00Fh, 011h, 005h
DD OFFSET x66F30F10_result

END Start

This is a proof that the opcode acts as MOVSS (66h is ignored). Try to step it in a debugger and watch the memory.

Thank you very much for the brilliant answer.

Leave a Comment

Please sign in to add a comment. Not a member? Join today