1 //: operating on memory at the address provided by some register
  2 //: we'll now start providing data in a separate segment
  3 
  4 :(scenario add_r32_to_mem_at_r32)
  5 % Reg[EBX].i = 0x10;
  6 % Reg[EAX].i = 0x60;
  7 == 0x1  # code segment
  8 # op  ModR/M  SIB   displacement  immediate
  9   01  18                                     # add EBX to *EAX
 10 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
 11 == 0x60  # data segment
 12 01 00 00 00  # 1
 13 +run: add EBX to r/m32
 14 +run: effective address is 0x60 (EAX)
 15 +run: storing 0x00000011
 16 
 17 :(before "End Mod Special-cases(addr)")
 18 case 0:  // indirect addressing
 19   switch (rm) {
 20   default:  // address in register
 21     trace(90, "run") << "effective address is 0x" << std::hex << Reg[rm].u << " (" << rname(rm) << ")" << end();
 22     addr = Reg[rm].u;
 23     break;
 24   // End Mod 0 Special-cases(addr)
 25   }
 26   break;
 27 
 28 //:
 29 
 30 :(before "End Initialize Op Names(name)")
 31 put(name, "03", "add rm32 to r32");
 32 
 33 :(scenario add_mem_at_r32_to_r32)
 34 % Reg[EAX].i = 0x60;
 35 % Reg[EBX].i = 0x10;
 36 == 0x1  # code segment
 37 # op  ModR/M  SIB   displacement  immediate
 38   03  18                                      # add *EAX to EBX
 39 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
 40 == 0x60  # data segment
 41 01 00 00 00  # 1
 42 +run: add r/m32 to EBX
 43 +run: effective address is 0x60 (EAX)
 44 +run: storing 0x00000011
 45 
 46 :(before "End Single-Byte Opcodes")
 47 case 0x03: {  // add r/m32 to r32
 48   uint8_t modrm = next();
 49   uint8_t arg1 = (modrm>>3)&0x7;
 50   trace(90, "run") << "add r/m32 to " << rname(arg1) << end();
 51   const int32_t* arg2 = effective_address(modrm);
 52   BINARY_ARITHMETIC_OP(+, Reg[arg1].i, *arg2);
 53   break;
 54 }
 55 
 56 //:: subtract
 57 
 58 :(scenario subtract_r32_from_mem_at_r32)
 59 % Reg[EAX].i = 0x60;
 60 % Reg[EBX].i = 1;
 61 == 0x1  # code segment
 62 # op  ModR/M  SIB   displacement  immediate
 63   29  18                                      # subtract EBX from *EAX
 64 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
 65 == 0x60  # data segment
 66 0a 00 00 00  # 10
 67 +run: subtract EBX from r/m32
 68 +run: effective address is 0x60 (EAX)
 69 +run: storing 0x00000009
 70 
 71 //:
 72 
 73 :(before "End Initialize Op Names(name)")
 74 put(name, "2b", "subtract rm32 from r32");
 75 
 76 :(scenario subtract_mem_at_r32_from_r32)
 77 % Reg[EAX].i = 0x60;
 78 % Reg[EBX].i = 10;
 79 == 0x1  # code segment
 80 # op  ModR/M  SIB   displacement  immediate
 81   2b  18                                      # subtract *EAX from EBX
 82 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
 83 == 0x60  # data segment
 84 01 00 00 00  # 1
 85 +run: subtract r/m32 from EBX
 86 +run: effective address is 0x60 (EAX)
 87 +run: storing 0x00000009
 88 
 89 :(before "End Single-Byte Opcodes")
 90 case 0x2b: {  // subtract r/m32 from r32
 91   uint8_t modrm = next();
 92   uint8_t arg1 = (modrm>>3)&0x7;
 93   trace(90, "run") << "subtract r/m32 from " << rname(arg1) << end();
 94   const int32_t* arg2 = effective_address(modrm);
 95   BINARY_ARITHMETIC_OP(-, Reg[arg1].i, *arg2);
 96   break;
 97 }
 98 
 99 //:: and
100 
101 :(scenario and_r32_with_mem_at_r32)
102 % Reg[EAX].i = 0x60;
103 % Reg[EBX].i = 0xff;
104 == 0x1  # code segment
105 # op  ModR/M  SIB   displacement  immediate
106   21  18                                      # and EBX with *EAX
107 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
108 == 0x60  # data segment
109 0d 0c 0b 0a  # 0x0a0b0c0d
110 +run: and EBX with r/m32
111 +run: effective address is 0x60 (EAX)
112 +run: storing 0x0000000d
113 
114 //:
115 
116 :(before "End Initialize Op Names(name)")
117 put(name, "23", "r32 = bitwise AND of r32 with rm32");
118 
119 :(scenario and_mem_at_r32_with_r32)
120 % Reg[EAX].i = 0x60;
121 % Reg[EBX].i = 0x0a0b0c0d;
122 == 0x1  # code segment
123 # op  ModR/M  SIB   displacement  immediate
124   23  18                                      # and *EAX with EBX
125 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
126 == 0x60  # data segment
127 ff 00 00 00  # 0xff
128 +run: and r/m32 with EBX
129 +run: effective address is 0x60 (EAX)
130 +run: storing 0x0000000d
131 
132 :(before "End Single-Byte Opcodes")
133 case 0x23: {  // and r/m32 with r32
134   uint8_t modrm = next();
135   uint8_t arg1 = (modrm>>3)&0x7;
136   trace(90, "run") << "and r/m32 with " << rname(arg1) << end();
137   const int32_t* arg2 = effective_address(modrm);
138   BINARY_BITWISE_OP(&, Reg[arg1].u, *arg2);
139   break;
140 }
141 
142 //:: or
143 
144 :(scenario or_r32_with_mem_at_r32)
145 % Reg[EAX].i = 0x60;
146 % Reg[EBX].i = 0xa0b0c0d0;
147 == 0x1  # code segment
148 # op  ModR/M  SIB   displacement  immediate
149   09  18                                      # or EBX with *EAX
150 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
151 == 0x60  # data segment
152 0d 0c 0b 0a  # 0x0a0b0c0d
153 +run: or EBX with r/m32
154 +run: effective address is 0x60 (EAX)
155 +run: storing 0xaabbccdd
156 
157 //:
158 
159 :(before "End Initialize Op Names(name)")
160 put(name, "0b", "r32 = bitwise OR of r32 with rm32");
161 
162 :(scenario or_mem_at_r32_with_r32)
163 % Reg[EAX].i = 0x60;
164 % Reg[EBX].i = 0xa0b0c0d0;
165 == 0x1  # code segment
166 # op  ModR/M  SIB   displacement  immediate
167   0b  18                                      # or *EAX with EBX
168 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
169 == 0x60  # data segment
170 0d 0c 0b 0a  # 0x0a0b0c0d
171 +run: or r/m32 with EBX
172 +run: effective address is 0x60 (EAX)
173 +run: storing 0xaabbccdd
174 
175 :(before "End Single-Byte Opcodes")
176 case 0x0b: {  // or r/m32 with r32
177   uint8_t modrm = next();
178   uint8_t arg1 = (modrm>>3)&0x7;
179   trace(90, "run") << "or r/m32 with " << rname(arg1) << end();
180   const int32_t* arg2 = effective_address(modrm);
181   BINARY_BITWISE_OP(|, Reg[arg1].u, *arg2);
182   break;
183 }
184 
185 //:: xor
186 
187 :(scenario xor_r32_with_mem_at_r32)
188 % Reg[EAX].i = 0x60;
189 % Reg[EBX].i = 0xa0b0c0d0;
190 == 0x1  # code segment
191 # op  ModR/M  SIB   displacement  immediate
192   31  18                                      # xor EBX with *EAX
193 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
194 == 0x60  # data segment
195 0d 0c bb aa  # 0xaabb0c0d
196 +run: xor EBX with r/m32
197 +run: effective address is 0x60 (EAX)
198 +run: storing 0x0a0bccdd
199 
200 //:
201 
202 :(before "End Initialize Op Names(name)")
203 put(name, "33", "r32 = bitwise XOR of r32 with rm32");
204 
205 :(scenario xor_mem_at_r32_with_r32)
206 % Reg[EAX].i = 0x60;
207 % Reg[EBX].i = 0xa0b0c0d0;
208 == 0x1  # code segment
209 # op  ModR/M  SIB   displacement  immediate
210   33  18                                      # xor *EAX with EBX
211 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
212 == 0x60  # data segment
213 0d 0c 0b 0a  # 0x0a0b0c0d
214 +run: xor r/m32 with EBX
215 +run: effective address is 0x60 (EAX)
216 +run: storing 0xaabbccdd
217 
218 :(before "End Single-Byte Opcodes")
219 case 0x33: {  // xor r/m32 with r32
220   uint8_t modrm = next();
221   uint8_t arg1 = (modrm>>3)&0x7;
222   trace(90, "run") << "xor r/m32 with " << rname(arg1) << end();
223   const int32_t* arg2 = effective_address(modrm);
224   BINARY_BITWISE_OP(|, Reg[arg1].u, *arg2);
225   break;
226 }
227 
228 //:: not
229 
230 :(scenario not_r32_with_mem_at_r32)
231 % Reg[EBX].i = 0x60;
232 == 0x1  # code segment
233 # op  ModR/M  SIB   displacement  immediate
234   f7  03                                      # negate *EBX
235 # ModR/M in binary: 00 (indirect mode) 000 (unused) 011 (dest EBX)
236 == 0x60  # data segment
237 ff 00 0f 0f  # 0x0f0f00ff
238 +run: 'not' of r/m32
239 +run: effective address is 0x60 (EBX)
240 +run: storing 0xf0f0ff00
241 
242 //:: compare (cmp)
243 
244 :(scenario compare_mem_at_r32_with_r32_greater)
245 % Reg[EAX].i = 0x60;
246 % Reg[EBX].i = 0x0a0b0c07;
247 == 0x1  # code segment
248 # op  ModR/M  SIB   displacement  immediate
249   39  18                                      # compare EBX with *EAX
250 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
251 == 0x60  # data segment
252 0d 0c 0b 0a  # 0x0a0b0c0d
253 +run: compare EBX with r/m32
254 +run: effective address is 0x60 (EAX)
255 +run: SF=0; ZF=0; OF=0
256 
257 :(scenario compare_mem_at_r32_with_r32_lesser)
258 % Reg[EAX].i = 0x60;
259 % Reg[EBX].i = 0x0a0b0c0d;
260 == 0x1  # code segment
261 # op  ModR/M  SIB   displacement  immediate
262   39  18                                      # compare EBX with *EAX
263 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
264 == 0x60  # data segment
265 07 0c 0b 0a  # 0x0a0b0c0d
266 +run: compare EBX with r/m32
267 +run: effective address is 0x60 (EAX)
268 +run: SF=1; ZF=0; OF=0
269 
270 :(scenario compare_mem_at_r32_with_r32_equal)
271 % Reg[EAX].i = 0x60;
272 % Reg[EBX].i = 0x0a0b0c0d;
273 == 0x1  # code segment
274 # op  ModR/M  SIB   displacement  immediate
275   39  18                                      # compare EBX with *EAX
276 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
277 == 0x60  # data segment
278 0d 0c 0b 0a  # 0x0a0b0c0d
279 +run: compare EBX with r/m32
280 +run: effective address is 0x60 (EAX)
281 +run: SF=0; ZF=1; OF=0
282 
283 //:
284 
285 :(before "End Initialize Op Names(name)")
286 put(name, "3b", "set SF if rm32 > r32");
287 
288 :(scenario compare_r32_with_mem_at_r32_greater)
289 % Reg[EAX].i = 0x60;
290 % Reg[EBX].i = 0x0a0b0c0d;
291 == 0x1  # code segment
292 # op  ModR/M  SIB   displacement  immediate
293   3b  18                                      # compare *EAX with EBX
294 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
295 == 0x60  # data segment
296 07 0c 0b 0a  # 0x0a0b0c0d
297 +run: compare r/m32 with EBX
298 +run: effective address is 0x60 (EAX)
299 +run: SF=0; ZF=0; OF=0
300 
301 :(before "End Single-Byte Opcodes")
302 case 0x3b: {  // set SF if r32 < r/m32
303   uint8_t modrm = next();
304   uint8_t reg1 = (modrm>>3)&0x7;
305   trace(90, "run") << "compare r/m32 with " << rname(reg1) << end();
306   int32_t arg1 = Reg[reg1].i;
307   int32_t* arg2 = effective_address(modrm);
308   int32_t tmp1 = arg1 - *arg2;
309   SF = (tmp1 < 0);
310   ZF = (tmp1 == 0);
311   int64_t tmp2 = arg1 - *arg2;
312   OF = (tmp1 != tmp2);
313   trace(90, "run") << "SF=" << SF << "; ZF=" << ZF << "; OF=" << OF << end();
314   break;
315 }
316 
317 :(scenario compare_r32_with_mem_at_r32_lesser)
318 % Reg[EAX].i = 0x60;
319 % Reg[EBX].i = 0x0a0b0c07;
320 == 0x1  # code segment
321 # op  ModR/M  SIB   displacement  immediate
322   3b  18                                      # compare *EAX with EBX
323 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
324 == 0x60  # data segment
325 0d 0c 0b 0a  # 0x0a0b0c0d
326 +run: compare r/m32 with EBX
327 +run: effective address is 0x60 (EAX)
328 +run: SF=1; ZF=0; OF=0
329 
330 :(scenario compare_r32_with_mem_at_r32_equal)
331 % Reg[EAX].i = 0x60;
332 % Reg[EBX].i = 0x0a0b0c0d;
333 == 0x1  # code segment
334 # op  ModR/M  SIB   displacement  immediate
335   3b  18                                      # compare *EAX with EBX
336 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
337 == 0x60  # data segment
338 0d 0c 0b 0a  # 0x0a0b0c0d
339 +run: compare r/m32 with EBX
340 +run: effective address is 0x60 (EAX)
341 +run: SF=0; ZF=1; OF=0
342 
343 //:: copy (mov)
344 
345 :(scenario copy_r32_to_mem_at_r32)
346 % Reg[EBX].i = 0xaf;
347 % Reg[EAX].i = 0x60;
348 == 0x1
349 # op  ModR/M  SIB   displacement  immediate
350   89  18                                      # copy EBX to *EAX
351 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
352 +run: copy EBX to r/m32
353 +run: effective address is 0x60 (EAX)
354 +run: storing 0x000000af
355 
356 //:
357 
358 :(before "End Initialize Op Names(name)")
359 put(name, "8b", "copy rm32 to r32");
360 
361 :(scenario copy_mem_at_r32_to_r32)
362 % Reg[EAX].i = 0x60;
363 == 0x1  # code segment
364 # op  ModR/M  SIB   displacement  immediate
365   8b  18                                      # copy *EAX to EBX
366 # ModR/M in binary: 00 (indirect mode) 011 (src EAX) 000 (dest EAX)
367 == 0x60  # data segment
368 af 00 00 00  # 0xaf
369 +run: copy r/m32 to EBX
370 +run: effective address is 0x60 (EAX)
371 +run: storing 0x000000af
372 
373 :(before "End Single-Byte Opcodes")
374 case 0x8b: {  // copy r32 to r/m32
375   uint8_t modrm = next();
376   uint8_t reg1 = (modrm>>3)&0x7;
377   trace(90, "run") << "copy r/m32 to " << rname(reg1) << end();
378   int32_t* arg2 = effective_address(modrm);
379   Reg[reg1].i = *arg2;
380   trace(90, "run") << "storing 0x" << HEXWORD << *arg2 << end();
381   break;
382 }
383 
384 //:: jump
385 
386 :(before "End Initialize Op Names(name)")
387 put(name, "ff", "jump/push/call rm32 based on subop");
388 
389 :(scenario jump_mem_at_r32)
390 % Reg[EAX].i = 0x60;
391 == 0x1  # code segment
392 # op  ModR/M  SIB   displacement  immediate
393   ff  20                                      # jump to *EAX
394 # ModR/M in binary: 00 (indirect mode) 100 (jump to r/m32) 000 (src EAX)
395   05                              00 00 00 01
396   05                              00 00 00 02
397 == 0x60  # data segment
398 08 00 00 00  # 8
399 +run: inst: 0x00000001
400 +run: jump to r/m32
401 +run: effective address is 0x60 (EAX)
402 +run: jumping to 0x00000008
403 +run: inst: 0x00000008
404 -run: inst: 0x00000003
405 
406 :(before "End Single-Byte Opcodes")
407 case 0xff: {
408   uint8_t modrm = next();
409   uint8_t subop = (modrm>>3)&0x7;  // middle 3 'reg opcode' bits
410   switch (subop) {
411     case 4: {  // jump to r/m32
412       trace(90, "run") << "jump to r/m32" << end();
413       int32_t* arg2 = effective_address(modrm);
414       EIP = *arg2;
415       trace(90, "run") << "jumping to 0x" << HEXWORD << EIP << end();
416       break;
417     }
418     // End Op ff Subops
419   }
420   break;
421 }
422 
423 //:: push
424 
425 :(scenario push_mem_at_r32)
426 % Reg[EAX].i = 0x60;
427 % Reg[ESP].u = 0x14;
428 == 0x1  # code segment
429 # op  ModR/M  SIB   displacement  immediate
430   ff  30                                      # push *EAX to stack
431 # ModR/M in binary: 00 (indirect mode) 110 (push r/m32) 000 (src EAX)
432 == 0x60  # data segment
433 af 00 00 00  # 0xaf
434 +run: push r/m32
435 +run: effective address is 0x60 (EAX)
436 +run: decrementing ESP to 0x00000010
437 +run: pushing value 0x000000af
438 
439 :(before "End Op ff Subops")
440 case 6: {  // push r/m32 to stack
441   trace(90, "run") << "push r/m32" << end();
442   const int32_t* val = effective_address(modrm);
443   push(*val);
444   break;
445 }
446 
447 //:: pop
448 
449 :(before "End Initialize Op Names(name)")
450 put(name, "8f", "pop top of stack to rm32");
451 
452 :(scenario pop_mem_at_r32)
453 % Reg[EAX].i = 0x60;
454 % Reg[ESP].u = 0x10;
455 == 0x1  # code segment
456 # op  ModR/M  SIB   displacement  immediate
457   8f  00                                      # pop stack into *EAX
458 # ModR/M in binary: 00 (indirect mode) 000 (pop r/m32) 000 (dest EAX)
459 == 0x10  # data segment
460 30 00 00 00  # 0x30
461 +run: pop into r/m32
462 +run: effective address is 0x60 (EAX)
463 +run: popping value 0x00000030
464 +run: incrementing ESP to 0x00000014
465 
466 :(before "End Single-Byte Opcodes")
467 case 0x8f: {  // pop stack into r/m32
468   uint8_t modrm = next();
469   uint8_t subop = (modrm>>3)&0x7;
470   switch (subop) {
471     case 0: {
472       trace(90, "run") << "pop into r/m32" << end();
473       int32_t* dest = effective_address(modrm);
474       *dest = pop();
475       break;
476     }
477   }
478   break;
479 }
480 
481 //:: special-case for loading address from disp32 rather than register
482 
483 :(scenario add_r32_to_mem_at_displacement)
484 % Reg[EBX].i = 0x10;  // source
485 == 0x1  # code segment
486 # op  ModR/M  SIB   displacement  immediate
487   01  1d            60 00 00 00              # add EBX to *0x60
488 # ModR/M in binary: 00 (indirect mode) 011 (src EBX) 101 (dest in disp32)
489 == 0x60  # data segment
490 01 00 00 00  # 1
491 +run: add EBX to r/m32
492 +run: effective address is 0x60 (disp32)
493 +run: storing 0x00000011
494 
495 :(before "End Mod 0 Special-cases(addr)")
496 case 5:  // exception: mod 0b00 rm 0b101 => incoming disp32
497   addr = imm32();
498   trace(90, "run") << "effective address is 0x" << std::hex << addr << " (disp32)" << end();
499   break;
500 
501 //:
502 
503 :(scenario add_r32_to_mem_at_r32_plus_disp8)
504 % Reg[EBX].i = 0x10;  // source
505 % Reg[EAX].i = 0x5e;  // dest
506 == 0x1  # code segment
507 # op  ModR/M  SIB   displacement  immediate
508   01  58            02                       # add EBX to *(EAX+2)
509 # ModR/M in binary: 01 (indirect+disp8 mode) 011 (src EBX) 000 (dest EAX)
510 == 0x60  # data segment
511 01 00 00 00  # 1
512 +run: add EBX to r/m32
513 +run: effective address is initially 0x5e (EAX)
514 +run: effective address is 0x60 (after adding disp8)
515 +run: storing 0x00000011
516 
517 :(before "End Mod Special-cases(addr)")
518 case 1:  // indirect + disp8 addressing
519   switch (rm) {
520   default:
521     addr = Reg[rm].u;
522     trace(90, "run") << "effective address is initially 0x" << std::hex << addr << " (" << rname(rm) << ")" << end();
523     break;
524   // End Mod 1 Special-cases(addr)
525   }
526   if (addr > 0) {
527     addr += static_cast<int8_t>(next());
528     trace(90, "run") << "effective address is 0x" << std::hex << addr << " (after adding disp8)" << end();
529   }
530   break;
531 
532 :(scenario add_r32_to_mem_at_r32_plus_negative_disp8)
533 % Reg[EBX].i = 0x10;  // source
534 % Reg[EAX].i = 0x61;  // dest
535 == 0x1  # code segment
536 # op  ModR/M  SIB   displacement  immediate
537   01  58            ff                       # add EBX to *(EAX-1)
538 # ModR/M in binary: 01 (indirect+disp8 mode) 011 (src EBX) 000 (dest EAX)
539 == 0x60  # data segment
540 01 00 00 00  # 1
541 +run: add EBX to r/m32
542 +run: effective address is initially 0x61 (EAX)
543 +run: effective address is 0x60 (after adding disp8)
544 +run: storing 0x00000011
545 
546 //:
547 
548 :(scenario add_r32_to_mem_at_r32_plus_disp32)
549 % Reg[EBX].i = 0x10;  // source
550 % Reg[EAX].i = 0x5e;  // dest
551 == 0x1  # code segment
552 # op  ModR/M  SIB   displacement  immediate
553   01  98            02 00 00 00              # add EBX to *(EAX+2)
554 # ModR/M in binary: 10 (indirect+disp32 mode) 011 (src EBX) 000 (dest EAX)
555 == 0x60  # data segment
556 01 00 00 00  # 1
557 +run: add EBX to r/m32
558 +run: effective address is initially 0x5e (EAX)
559 +run: effective address is 0x60 (after adding disp32)
560 +run: storing 0x00000011
561 
562 :(before "End Mod Special-cases(addr)")
563 case 2:  // indirect + disp32 addressing
564   switch (rm) {
565   default:
566     addr = Reg[rm].u;
567     trace(90, "run") << "effective address is initially 0x" << std::hex << addr << " (" << rname(rm) << ")" << end();
568     break;
569   // End Mod 2 Special-cases(addr)
570   }
571   if (addr > 0) {
572     addr += imm32();
573     trace(90, "run") << "effective address is 0x" << std::hex << addr << " (after adding disp32)" << end();
574   }
575   break;
576 
577 :(scenario add_r32_to_mem_at_r32_plus_negative_disp32)
578 % Reg[EBX].i = 0x10;  // source
579 % Reg[EAX].i = 0x61;  // dest
580 == 0x1  # code segment
581 # op  ModR/M  SIB   displacement  immediate
582   01  98            ff ff ff ff              # add EBX to *(EAX-1)
583 # ModR/M in binary: 10 (indirect+disp32 mode) 011 (src EBX) 000 (dest EAX)
584 == 0x60  # data segment
585 01 00 00 00  # 1
586 +run: add EBX to r/m32
587 +run: effective address is initially 0x61 (EAX)
588 +run: effective address is 0x60 (after adding disp32)
589 +run: storing 0x00000011