1

I didn't understand what this command does, for example:

'movzx eax, byte [rax]'

Before the command executed the value of rax was : '0x7ffff253c523' and after this line it became '0x00000070', why? I can really use some explanation or example, didn't find any good source.. thanks!!

roye1233
  • 110
  • 2
  • 13
  • 1
    Have you read the [instruction set reference](https://c9x.me/x86/html/file_module_x86_id_209.html)? What part of that is unclear? – fuz Nov 14 '20 at 16:37
  • 1
    @fuz The part with the zero extend :\ – roye1233 Nov 14 '20 at 16:42
  • 1
    I see. Zero extension means to extend the size of a datum by padding (extending) it with zeroes. This is in contrast to sign extension which pads with copies of the sign bit. Zero extension preserves the value of unsigned numbers while sign extension preserves the value of signed numbers. – fuz Nov 14 '20 at 16:51
  • @fuz Thanks for the explanation, but I didn't understand how it is expressed in my case (pleas see the update), thanks again! – roye1233 Nov 14 '20 at 17:04
  • 3
    Note that `byte [rax]` is a memory operand, so a byte is fetched from memory at the address in `rax` and then zero extended. The value of this byte was `0x70`. – fuz Nov 14 '20 at 17:10
  • @fuz Now everything makes sence, thank you! – roye1233 Nov 14 '20 at 17:28
  • 3
    Sign extension and zero extension are among the few operations that allow multiple operands *of different sizes* -- here byte [rax] is an 8-bit operand and eax is 32-bit operand. By contrast, add, and, sub, cmp, etc.. do not support differing size operands, So, you can use sign and zero extension to increase the width as needed to match the width of some other operand you wanted to add/and. – Erik Eidt Nov 14 '20 at 17:34

0 Answers0