What is register %eiz?

Question

In the following assembly code that I dumped out using objdump:

lea    0x0(%esi,%eiz,1),%esi

What is register %eiz

Answer 1

Andy Ross provides a lot more of the underlying reasoning, but is unfortunately wrong or at the very least confusing about the technical details. It is true that an effective address of just (%esp) cannot be encoded with just the ModR/M byte as instead of being decoded as (%esp), it is used to signal that a SIB byte is also included. However, the %eiz pseudo-register is not always used with a SIB byte to represent that a SIB byte was used.

The SIB byte (scale/index/base) has three pieces to it: the index (a register such as as %eax or %ecx that the scale is applied to), the scale (a power of two from 1 to 8 that the index register is multiplied by), and the base (another register that is added to the scaled index). This is what allows for instructions such as add %al,(%ebx,%ecx,2) (machine code: 00 04 4b -- opcode, modr/m, sib (note no %eiz register even though the SIB byte was used)) (or in Intel syntax, "add BYTE PTR [ecx*2+ebx], al").

However, %esp cannot be used as the index register in a SIB byte. Instead of allowing this option, Intel instead adds an option to use the base register as is with no scaling or indexing. Therefore to disambiguate between the case of add %al,(%ecx) (machine code: 00 01 -- opcode, modr/m) and add %al,(%ecx) (machine code: 00 04 21 -- opcode, modr/m, sib), the alternate syntax add %al,(%ecx,%eiz,1) is instead used (or for Intel syntax: add BYTE PTR [ecx+eiz*1],al).

And as explained in the article linked to by Sinan, this specific instruction (lea 0x0(%esi,%eiz,1),%esi) is merely used as a multi-byte nop (equivalent to esi = &*esi) so that only one nop-like instruction has to be executed instead of multiple nop instructions.