References: http://www.intel.com/content/www/us/en/processors/architectures-software-developer-manuals.html
https://code.google.com/p/libdasm/
http://nathanmarz.com/blog/you-should-blog-even-if-you-have-no-readers.html (for mutual encouragement)
The format of an assembly instruction is shown in the figure below:
Reference: http://www.mouseos.com/x64/doc6.html
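The leading fields of that instruction format (optional legacy prefixes, the opcode with its optional 0x0F escape, then ModR/M), split out in C as an added example that is not code from libdasm or from the original post. The names `insn_layout`, `is_legacy_prefix` and `split_insn` are hypothetical, the sample bytes are constructed, and it assumes 32-bit mode (no REX/VEX prefixes, no three-byte 0F 38 / 0F 3A maps).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Leading fields of one instruction (hypothetical struct, not libdasm's). */
struct insn_layout {
    size_t  prefix_len;   /* number of legacy prefix bytes */
    int     two_byte;     /* 1 if the opcode follows a 0x0F escape */
    uint8_t opcode;       /* the opcode byte itself */
    uint8_t mod, reg, rm; /* ModR/M fields, zero when absent */
};

static int is_legacy_prefix(uint8_t b) {
    switch (b) {
    case 0xF0: case 0xF2: case 0xF3:            /* lock, repne, rep */
    case 0x26: case 0x2E: case 0x36: case 0x3E: /* es, cs, ss, ds overrides */
    case 0x64: case 0x65: case 0x66: case 0x67: /* fs, gs, operand/address size */
        return 1;
    }
    return 0;
}

/* Split prefixes, opcode and ModR/M. has_modrm comes from the caller because
 * a real decoder reads it from the opcode table. Every read is bounds-checked;
 * returns the bytes consumed, or 0 if the buffer ends too early. */
size_t split_insn(const uint8_t *buf, size_t len, int has_modrm,
                  struct insn_layout *out) {
    size_t i = 0;
    *out = (struct insn_layout){0};
    while (i < len && is_legacy_prefix(buf[i])) i++;
    out->prefix_len = i;
    if (i >= len) return 0;                    /* prefixes only, no opcode */
    out->two_byte = (buf[i] == 0x0F);
    if (out->two_byte && ++i >= len) return 0; /* escape byte, then nothing */
    out->opcode = buf[i++];
    if (has_modrm) {
        if (i >= len) return 0;
        out->mod = buf[i] >> 6;                /* bits 7..6 */
        out->reg = (buf[i] >> 3) & 7;          /* bits 5..3 */
        out->rm  = buf[i++] & 7;               /* bits 2..0 */
    }
    return i;
}

int main(void) {
    const uint8_t code[] = {0x66, 0x89, 0xD8}; /* constructed: mov ax, bx */
    struct insn_layout l;
    size_t n = split_insn(code, sizeof code, 1, &l);
    printf("len=%zu opcode=%02X reg=%u rm=%u\n", n, l.opcode, l.reg, l.rm);
    return 0;
}
```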
1. get_instruction
The get_instruction function is the core of libdasm. First, look at the function's comment and prototype:
// Fetch instruction
/*
* The operation is quite straightforward:
*
* - determine actual opcode (skip prefixes etc.)
* - figure out which instruction table to use
* - index the table with opcode
* - parse operands
* - fill instruction structure
*
* Only point where this gets hairy is those *brilliant*
* opcode extensions....
*
*/
int get_instruction(PINSTRUCTION inst, BYTE *addr, enum Mode mode) {