1

I am trying to tell apart the following two instructions:

8D 02 lea eax, [rdx] // auxfix = 0x1810 67 8D 02 lea eax, [edx] // auxfix = 0x810

The only difference is in the insn_t.auxfix field, which seems to hold some operand size flag related to modr/m.

As you can see bit 1 << 12 seems to tell me something ... but how exactly can I interpret this field for x86 and x64?

Improve this question

1 Answer 1

Reset to default
3

Open up intel.hpp that ships with the SDK. The aux prefix flags are defined at the top; the one you're interested in is as follows:

#define aux_natad 0x00001000 // addressing mode is not overridden by prefix
Improve this answer
1
  • Thanks! Seems it's not exposed in ida python. Commented Mar 9, 2022 at 6:35

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.