Assembly 06
Outline cmp (review) Jump commands test mnemonic bt mnemonic Addressing 1
cmp (Review) cmp command compares two operands cmp, cmp works by subtracting right from left and temporarily storing the result (hidden from you) result = left – right 2
cmp (Review) cmp, result = left – right if left == right ---> result = 0 if left > right ---> result > 0 if left result < 0 3 keep this in mind…
Jump Commands Many jump commands jmp, je, ja, jb, jnae, … Conditional jumps examine flag(s) to decide what to do Placed immediately after cmp instruction If jump condition not met, execution “falls through” to next instruction jmp mnemonic always jumps to label e.g., jmp DONE;will jump to DONE label 4
jump Commands 5 condition operato r unsigne d values jumps when signed values jumps when equal==jeZF==1jeZF==1 not equal!=jneZF==0jneZF==0 greater than>ja CF==0 and ZF==0 jg ZF==0 or SF==OF less than<jbCF==1jlSF != OF greater than equal to >=jaeCF==0jgeSF==OF less than equal to<=jbe CF==1 or ZF==1 jle ZF==1 or SF != OF ZF: zero flag SF: sign flag CF: carry flag OF: overflow flag
jump Commands 6 condition operato r unsigne d values jumps when signed values jumps when equal==jeZF==1jeZF==1 not equal!=jneZF==0jneZF==0 greater than>ja CF==0 and ZF==0 jg ZF==0 or SF==OF less than<jbCF==1jlSF != OF greater than equal to >=jaeCF==0jgeSF==OF less than equal to<=jbe CF==1 or ZF==1 jle ZF==1 or SF != OF ZF: zero flag SF: sign flag CF: carry flag OF: overflow flag
jump Commands je -> “jump if equal” jumps when ZF==1 cmp, result = left – right if left == right, result = 0 ZF set! 7
jump Commands jne -> “jump if not equal” jumps when ZF==0 cmp, result = left – right if left != right, result != 0 ZF clear! 8
jump Commands Encourage you to think about other conditions What happens to flags during cmp instruction? How does that relate to the logical operation? cmp, result = left - right 9
jump Commands Conditional jumps have synonyms: Greater than or equal to not less than 10
jump Commands 11 mnemoni c meaning synony m meaning jaJump if AbovejnbeJump if Not Below or Equal jaeJump if Above or EqualjnbJump if Not Below jbJump if BelowjnaeJump if Not Above or Equal jbeJump if Below or EqualjnaJump if Not Above jeJump if EqualjzJump if Zero jneJump if Not EqualjnzJump if Not Zero jgJump if GreaterjnleJump if Not Less or Equal jge Jump if Greater or Equal jnlJump if Not Less jlJump if LessjngeJump if Not Greater or Equal jleJump if Less or EqualjngJump if Not Greater
jump Commands 12 mnemoni c meaning synony m meaning jaJump if AbovejnbeJump if Not Below or Equal jaeJump if Above or EqualjnbJump if Not Below jbJump if BelowjnaeJump if Not Above or Equal jbeJump if Below or EqualjnaJump if Not Above
jump Commands 13 mnemoni c meaning synony m meaning jeJump if EqualjzJump if Zero jneJump if Not EqualjnzJump if Not Zero
jump Commands 14 mnemoni c meaning synony m meaning jgJump if GreaterjnleJump if Not Less or Equal jge Jump if Greater or Equal jnlJump if Not Less jlJump if LessjngeJump if Not Greater or Equal jleJump if Less or EqualjngJump if Not Greater
jump Commands msg: db 10; in.data len: equ $-msg; in.data ; system call to print msg to stdout (not shown) ; for each character in msg (loop code not shown) cmp byte [msg + eax], compare byte to jne _skip; if byte != jump to _skip mov byte [msg + eax], ‘l’; if byte == replace with ‘l’ ; _skip label to continue loop.. (not shown) ; system call to print msg to stdout (not shown) ; system call to exit gracefully (not shown) 15
jump Commands UNIX>./example Hello World!! UNIX> 16
test Mnemonic Bit testing common in assembly test ==> cmp instruction for bits test performs logical AND operation between operands test does NOT modify destination operand test, 17
test Mnemonic test only good at finding one 1, not 0s if test “passes”, ZF=0 if test “fails”, ZF=1 18
test Mnemonic mov al, b; mov bl, b; test al, bl; 19 al bl ZF
test Mnemonic mov al, b; mov bl, b; test al, bl; al bl ZF
test Mnemonic mov al, b; mov bl, b; test al, bl; al bl ZF
test Mnemonic mov al, b; mov bl, b; test al, bl; al bl ZF
test Mnemonic mov al, b; mov bl, al; test al, bl; 23 al bl ZF
test Mnemonic mov al, b; mov bl, al; test al, bl; al bl ZF
test Mnemonic mov al, b; mov bl, al; test al, bl; al bl ZF
test Mnemonic mov al, b; mov bl, al; test al, bl; al bl ZF
bt Mnemonic bt -> bit test Used to examine a single bit Can test for 1 OR 0 Modifies CF depending on bit bt, 27
bt Mnemonic bt, bit # specifies the actual “bit number” LSB is 0 th bit if bit at bit # is 1, CF = 1 if bit at bit # is 0, CF = 0 Use jnc (jump if not carry) after bt 28
bt Mnemonic mov al, b; bt eax, 0; check 0 th bit bt eax, 4; check 4 th bit 29
bt Mnemonic mov al, b bt eax, 0 bt eax, 4 30 al CF
bt Mnemonic mov al, b bt eax, 0 bt eax, al CF
bt Mnemonic mov al, b bt eax, 0 bt eax, al CF
bt Mnemonic mov al, b bt eax, 0 bt eax, al CF
Addressing Book claims that: “memory addressing is the key skill in assembly language programming” Book goes into way too much detail about addressing Displacement, index, offset, base, scale, … (yada-yada-yada) Focus on what you need to know How to access different data types in arrays 34
Addressing Data access for byte arrays: array: db 8,6,7,5,3,0,9;in.data mov al, byte [array + 3]; in.text ; access byte at array[3] 35 array’s address index into array
Addressing Data access for byte arrays: array: db 8,6,7,5,3,0,9;in.data mov ebx, 3; mov al, byte [array + ebx]; in.text ; access byte at array[3] 36 array’s address index can be 32-bit register
Addressing Data access for byte arrays: array: db 8,6,7,5,3,0,9;in.data mov al, byte [array + 3]; in.text ; access byte at array[3] 37 index is in terms of number of bytes
Addressing [array + 3] = data at address (array + 3 bytes) array: index index is in terms of number of bytes
Addressing What happens when the array is another data type? E.g., 16-bit word or 32-bit dword? How do you access a data element? array of 16-bit items array of 32-bit items index
Addressing array: dw 0x0123, 0xABCD; in.data mov ax, [array]; in.text mov bx, [array + 1] mov cx, [array + 2] 40
Addressing array: dw 0x0123, 0xABCD; mov ax, [array] mov bx, [array + 1] mov cx, [array + 2] index array ax bx cx
Addressing array: dw 0x0123, 0xABCD; mov ax, [array] mov bx, [array + 1] mov cx, [array + 2] index array 0x0123 ax bx cx 01CDAB x86 is little endian
Addressing array: dw 0x0123, 0xABCD; mov ax, [array] mov bx, [array + 1] mov cx, [array + 2] index array 0x0123 ax 0xCD01 bx cx 01CDAB x86 is little endian
Addressing array: dw 0x0123, 0xABCD; mov ax, [array] mov bx, [array + 1] mov cx, [array + 2] index array 0x0123 ax 0xCD01 bx 0xABCD cx 01CDAB x86 is little endian
Addressing array: dw 0x0123, 0xABCD; mov ax, [array] mov bx, [array + 1] mov cx, [array + 2] index array 0x0123 ax 0xCD01 bx 0xABCD cx 01CDAB What happened?? Shouldn’t array[1] = 0xABCD?
Addressing In assembly, the array’s index is based on number of bytes Previous example, array contains 16-bit (2-byte) data items Hence why [array + 2] produced the “second” 16-bit data item mov cx, [array + 2] 46 0xABCD cx 23 array 01CDAB
Addressing An array’s index is based on number of bytes Also explains outcome: mov bx, [array + 1] 47 0xCD01 bx 23 array 01CDAB
Addressing So, how do we address this? (pun intended) We scale the index: For byte arrays, multiply index by 1 (implicit) For word arrays, multiply index by 2 For dword arrays, multiply index by 4 mov cx, [array + 1*2] == mov cx, [array + 2] 48
Addressing array: dd 32768, 42991, 23486, 77877;in.data mov eax, [array + ???];in.text ; want to access data item ; at index 3. How?? 49
Addressing array: dd 32768, 42991, 23486, 77877;in.data mov eax, [array + 3*4];in.text ; want to access data item ; at index 3. How?? 50
Addressing It’s convenient to declare scale as constant in.data array: dd 32768, 42991, 23486, scale: equ 4; 4 bytes for dwords. mov eax, [array + 3*scale]; array[3] 51
Translational Tables and xlat Mnemonic Encourage you to read pages Translational tables can be convenient xlat command can also be convenient Uses implicit operands… 52