I understand that assembler replaces SAL with SHL, since they have exactly the same functionality, but it's bad to see something like this:

C0 ??? (unknown command?)
F2:00 ??? (prefix?)
(I don't know if disassembler says something different, because I write this from my memory).

Is it so hard to disassemble SAL instruction?

bundy: do you have an example for this ? a small program would be nice ...

i think there are some "not very often used" opcodes that are poorly recognized but i need some example/documentation before bugging Olly about.

anyway, thanks for the report

I protected one of my project with PELock (search on protools.cjb.net), and my file crashed. Since I didn't know if it was my fault or PELock's, I traced it a little bit and saw many of this fragmets above. Strange Olly can't debug it. It always displays an exception box or something very familiar.

Later I discovered my file crashed anyway ... a programmer mistake

bundy: if i activate OllyDbg SFX extractor it find OEP in notime as PELock use a lot of anti-disassembling tricks of course that you will get garbage.

of course that you will get garbage
I know ... this is the purpose of anti-disassembling tricks ... but try to trace it ..
or simply follow the jumps ... there you soon will find something similiar like this
I already posted ....

Simply -> Olly is unable to disassemble SAL instruction

bundy: can you provide the opcodes for SAL ? to see where is difference

-- code --
format PE GUI 4.0
entry start

section '.code' code readable writeable executable

start:
mov eax,34h
mov ebx,var1
mov ecx,5
sal dword [ebx],cl
sal eax,1
sal edx,5
sal ebx,7
sal eax,cl
sal edx,cl
sal ebx,cl
ret

var1 dd 'OLLY'
-- /code --

Okay, it's quite useless example, but try to compile it (with FASM) and see it under Olly (

And about the opcodes .. the same example (listing from Hiew):
.00401000: B834000000 mov eax,000000034
.00401005: BB20104000 mov ebx,000401020
.0040100A: B905000000 mov ecx,000000005
.0040100F: D333 sal d,[ebx],cl
.00401011: D1F0 sal eax,1
.00401013: C1F205 sal edx,005 ;"."
.00401016: C1F307 sal ebx,007 ;"."
.00401019: D3F0 sal eax,cl
.0040101B: D3F2 sal edx,cl
.0040101D: D3F3 sal ebx,cl
.0040101F: C3 retn

There are of course not all possible opcodes ..
Hope this example shows the problem!

bundy: excelent bug report, thanks. i had reported to Olly, now waiting for response

Olly's response: According to Intel's documentation, opcode C0 /6 and similar are reserved, valid opcode for SAL is same as for SHL (C0 /4), so it wasn't implemented.