Last modified: Thu Jun 18 07:07:06 UTC+0200 2026 © A. Tarpai

Analysis and reverse engineering some instructions

Going deeper into some machine instructions to understand how the CPU works: instruction encoding principles, 16/32-bit code mixing etc.

In a way by first looking at the original 8086 implementation and then how instructions evolved into 32-bit.

Eg. the 8086 instruction bytes to add sign-extended immediate byte to register:

83 C0 09     ADD AX, 9

In 32-bit mode the same machine code bytes are interpreted as 32-bit instructions:

83 C0 09     add eax, 9

The w-bit in opcode bytes means byte- or word (16-bit) operation for the 8086. The same opcode is then byte- or dword (32-bit) operation, when running in 32-bit mode. More details about these in addr.

Also with some detailed analysis and reverse engineering some instruction groups.

Note: 386 in these pages means IA-32, the 32-bit CPU programming model.