Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Assembly Language

4-up pdf

advertisement 
Data Transfers Instructions
Intel x86 Instruction Set Architecture
Computer
p
Organization
g z
and Assemblyy Languages
g g
Yung-Yu Chuang
with slides by Kip Irvine
MOV instruction
MOV instruction
• Move from source to destination. Syntax:
.data
count BYTE 100
wVal WORD 2
.code
mov bl,count
mov ax,wVal
V l
mov count,al
MOV destination,
d ti ti
source
• Source and destination have the same size
• No
N more than
h one memory operand
d permitted
i d
• CS, EIP, and IP cannot be the destination
• No immediate to segment moves
mov al,wVal
mov ax
ax,count
count
mov eax,count
3
; error
; error
; error
4
Exercise . . .
Memory to memory
Explain why each of the following MOV statements are
invalid:
.data
bVal BYTE
100
bVal2 BYTE
?
wVal WORD
2
dVal DWORD 5
.code
mov ds,45
; a.
mov esi,wVal
; b.
mov eip,dVal
i dV l
; c.
mov 25,bVal
; d.
mov bVal2
bVal2,bVal
bVal
; e
e.
.data
var1 WORD ?
var2 WORD ?
.code
d
mov ax, var1
mov var2, ax
5
6
Copy smaller to larger
Zero extension
.data
count WORD 1
.code
, 0
mov ecx,
mov cx, count
When you copy a smaller value into a larger destination,
pp half of
the MOVZX instruction fills ((extends)) the upper
the destination with zeros.
.data
d
signedVal SWORD -16 ; FFF0h
.code
code
mov ecx, 0
; mov ecx, 0FFFFFFFFh
mov cx
cx, signedVal
0
10001111
Source
00000000
10001111
Destination
movzx r32,r/m8
movzx r32,r/m16
movzx r16,r/m8
mov bl,10001111b
movzx ax,bl
MOVZX and MOVSX instructions take care of extension
for both sign and unsigned integers.
; zero-extension
The
h d
destination must b
be a register.
7
8
Sign extension
MOVZX MOVSX
The MOVSX instruction fills the upper half of the destination
with a copy of the source operand
operand'ss sign bit.
bit
From a smaller location to a larger one
10001111
11111111
10001111
Source
bx,
eax,
edx,
cx,
0A69Bh
bx
bl
bl
; EAX=0000A69Bh
; EDX=0000009Bh
; EAX=009Bh
mov
movsx
movsx
movsx
bx,
eax,
edx,
cx,
0A69Bh
bx
bl
bl
; EAX=FFFFA69Bh
; EDX=FFFFFF9Bh
; EAX=FF9Bh
Destination
mov bl,10001111b
movsx ax,bl
mov
movzx
movzx
movzx
; sign extension
The destination must be a register.
register
9
10
EFLAGS
LAHF/SAHF (load/store status flag from/to AH)
.data
saveflags
fl
BYTE ?
.code
lahf
mov saveflags, ah
...
mov ah,
h saveflags
fl
sahf
S,Z,A,P,C flags are copied.
11
12
XCHG Instruction
Exchange two memory locations
XCHG exchanges the values of two operands. At least one
p
must be a register.
g
No immediate operands
p
are
operand
permitted.
.data
data
var1 WORD 1000h
var2 WORD 2000h
.code
xchg ax,bx
xchg ah,al
xchg var1,bx
xchg eax
eax,ebx
ebx
;
;
;
;
xchg
g var1,var2
; error 2 memory
y operands
p
exchange
exchange
exchange
exchange
.data
var1
1 WORD 1000h
var2 WORD 2000h
.code
mov ax, val1
xchg ax, val2
mov val1, ax
16-bit regs
8-bit regs
mem, reg
32-bit regs
13
14
Addition and Subtraction
• INC and DEC Instructions
• ADD and
d SUB Instructions
I
i
• NEG Instruction
Arithmetic Instructions
• Implementing Arithmetic Expressions
• Flags Affected by Arithmetic
–
–
–
–
Zero
Sign
Carry
Overflow
16
INC and DEC Instructions
INC and DEC Examples
• Add 1, subtract 1 from destination operand
.data
myWord WORD 1000h
myDword DWORD 10000000h
.code
inc myWord
; 1001h
dec myWord
; 1000h
inc myDword
; 10000001h
– operand may be register or memory
• INC destination
• Logic: destination  destination + 1
• DEC destination
• Logic: destination  destination – 1
mov
inc
mov
inc
ax
ax,00FFh
00FFh
ax
ax,00FFh
,
al
; AX = 0100h
; AX = 0000h
17
ADD and SUB Instructions
Exercise...
Show the value of the destination operand after each of
the following
g instructions executes:
.data
myByte BYTE 0FFh, 0
.code
mov al,myByte
l
B t
mov ah,[myByte+1]
dec ah
inc al
dec ax
18
;
;
;
;
;
AL
AH
AH
AL
AX
=
=
=
=
=
•ADD destination, source
• Logic: destination  destination + source
•SUB destination, source
• Logic: destination  destination – source
• Same operand rules as for the MOV instruction
FFh
00h
FFh
00h
FEFF
19
20
ADD and SUB Examples
.data
data
var1 DWORD 10000h
var2 DWORD 20000h
.code
mov eax,var1
add eax,var2
add ax,0FFFFh
add eax
eax,1
1
sub ax,1
NEG (negate) Instruction
Reverses the sign of an operand. Operand can be a
register or memory operand.
operand
;
;
;
;
;
;
.data
valB BYTE -1
1
valW WORD +32767
.code
code
mov al,valB
neg
g al
neg valW
---EAX--00010000h
00030000h
0003FFFFh
00040000h
0004FFFFh
; AL = -1
; AL = +1
; valW = -32767
21
Implementing Arithmetic Expressions
Exercise ...
HLL compilers translate mathematical expressions into
assemblyy language.
g g You can do it also. For example:
p
Translate the following expression into assembly language.
Do not permit Xval,
Xval Yval,
Yval or Zval to be modified:
Rval = -Xval + (Yval – Zval)
Rval DWORD ?
Xval DWORD 26
Yval DWORD 30
Zval DWORD 40
.code
mov eax,Xval
neg eax
mov ebx
ebx,Yval
Yval
sub ebx,Zval
,
add eax,ebx
mov Rval,eax
22
Rval = Xval - (-Yval + Zval)
Assume that all values are signed doublewords.
mov
neg
add
mov
sub
mov
; EAX = -26
ebx,Yval
ebx
ebx,Zval
eax,Xval
eax,ebx
R l
Rval,eax
; EBX = -10
; -36
23
24
Flags Affected by Arithmetic
Zero Flag (ZF)
Whenever the destination operand equals Zero, the
Zero flag
g is set.
• The ALU has a number of status flags that
reflect the o
outcome
tcome of arithmetic (and bit
bitwise)
ise)
operations
mov
sub
mov
c
inc
inc
– based
b d on the
h contents off the
h d
destination
i i operand
d
• Essential flags:
–
–
–
–
Zero flag – destination equals zero
Sign flag – destination is negative
Carry flag – unsigned value out of range
Overflow flag – signed value out of range
cx,1
cx
cx,1
1
ax,0FFFFh
a
ax
ax
; CX = 0
0, ZF = 1
; AX = 0, ZF = 1
; AX = 1, ZF = 0
A flag is set when it equals 1.
A flag is clear when it equals 0.
• The MOV instruction never affects the flags.
25
Sign Flag (SF)
Carry Flag (CF)
• Addition and CF: copy carry out of MSB to CF
• Subtraction
S b
i and
d CF
CF: copy iinverted
d carry out off
MSB to CF
• INC/DEC do not affect CF
pp y g NEG to a nonzero operand
p
sets CF
• Applying
The Sign flag is set when the destination operand is
negative The flag is clear when the destination is
negative.
positive.
mov cx,0
0
sub cx,1
add cx
cx,2
2
26
; CX = -1, SF = 1
; CX = 1
1, SF = 0
The
h sign fl
flag is a copy off the
h destination's
d
highest
h h
b
bit:
mov al,0
sub al,1
add al,2
; AL=11111111b, SF=1
; AL=00000001b, SF=0
27
28
Exercise . . .
Overflow Flag (OF)
For each of the following marked entries, show the
p
and the Sign,
g , Zero,,
values of the destination operand
and Carry flags:
mov
add
sub
add
mov
add
dd
ax
ax,00FFh
00FFh
ax,1
ax,1
al,1
bh,6Ch
bh
bh,95h
95h
mov al,2
sub al,3
The Overflow flag is set when the signed result of an
operation is invalid or out of range.
range
; Example 1
mov al
al,+127
+127
add al,1
; AX= 0100h SF= 0 ZF= 0 CF= 0
; AX= 00FFh SF= 0 ZF= 0 CF= 0
; AL= 00h
SF= 0 ZF= 1 CF= 1
; BH
BH= 01h
; AL= FFh
; Example 2
mov al,7Fh
add al,1
SF=
SF 0 ZF
ZF= 0 CF
CF= 1
; OF = 1,
AL = ??
; OF = 1,
AL = 80h
The two examples are identical at the binary level
because 7Fh equals +127. To determine the value of
the destination operand, it is often easier to calculate
in hexadecimal.
SF= 1 ZF= 0 CF= 1
29
30
A Rule of Thumb
Signed/Unsigned Integers: Hardware Viewpoint
• When adding two integers, remember that the
Overflow flag is only set when . . .
• All CPU instructions operate exactly the same
on signed and unsigned integers
• The CPU cannot distinguish between signed and
unsigned
i
d iintegers
t
• YOU, the programmer, are solely responsible
for using the correct data type with each
instruction
– Two positive operands are added and their sum is
negative
– Two negative operands are added and their sum is
positive
What will be the values of OF flag?
mov al,80h
l 80h
add al,92h
; OF =
mov al,-2
add al,+127
; OF =
31
32
Overflow/Carry Flags: Hardware Viewpoint
Auxiliary Carry (AC) flag
• How the ADD instruction modifies OF and CF:
• AC indicates a carry or borrow of bit 3 in the
destination operand.
operand
• It is primarily used in binary coded decimal
(BCD) arithmetic.
ith ti
– CF = ((carry outt off th
the MSB)
– OF = (carry out of the MSB) XOR (carry into the MSB)
• How the SUB instruction modifies OF and CF:
– NEG th
the source and
d ADD it to
t th
the d
destination
ti ti
– CF = INVERT (carry out of the MSB)
– OF = ((carry out off the
h MSB) XOR ((carry iinto the
h MSB)
mov al, oFh
add al, 1
; AC = 1
33
34
Parity (PF) flag
• PF is set when LSB of the destination has an
even number of 1 bits.
bits
Jump and Loop
mov al, 10001100b
, 00000010b ; AL=10001110,
, PF=1
add al,
sub al, 10000000b ; AL=00001110, PF=0
35
JMP and LOOP Instructions
JMP Instruction
• JMP is an unconditional jump to a label that is
procedure.
usuallyy within the same p
• Transfer of control or branch instructions
– unconditional
– conditional
• Syntax: JMP target
• Logic: EIP  target
• JMP Instruction
• LOOP Instruction
• LOOP Example
• Example:
top:
.
.
jmp top
• SSumming
i an IInteger
t
A
Array
• Copying a String
37
LOOP Instruction
38
LOOP Example
• The LOOP instruction creates a counting loop
The following loop calculates the sum of the
tege s 5 + 4 + 3 +2 + 1::
integers
offset
machine code
source code
00000000 66 B8 0000
mov ax,0
00000004 B9 00000005
mov ecx,5
5
• Syntax: LOOP target
• Logic:
• ECX  ECX – 1
• if ECX != 0, jump to target
00000009
0000000C
0000000E
• Implementation:
y ,
• The assembler calculates the distance,, in bytes,
between the current location and the offset of
the target label. It is called the relative offset.
66 03 C1
E2 FB
L1:add ax,cx
loop L1
When LOOP is assembled, the current location = 0000000E.
Looking
g at the LOOP machine code,, we see that –5 ((FBh))
is added to the current location, causing a jump to
location 00000009:
• The relative offset is added to EIP.
39
00000009  0000000E + FB
40
Exercise . . .
Exercise . . .
If the relative offset is encoded in a single byte,
(a) what is the largest possible backward jump?
(b) what is the largest possible forward jump?
What will be the final value of AX?
10
mov ax,6
mov ecx,4
4
L1:
inc ax
loop L1
((a)) 128
How many times will the loop
execute?
(b) +127
4,294,967,296
Average sizes of machine instructions are about 3
bytes, so a loop might contain, on average, a
maximum of 42 instructions!
mov ecx,0
X2:
inc ax
loop X2
41
Nested Loop
Summing an Integer Array
If you need to code a loop within a loop, you must save the
outer loop cou
oute
counter's
te s ECX
C value. In tthe
e following
ollow g e
example,
a ple,
the outer loop executes 100 times, and the inner loop 20
times.
.data
count DWORD ?
.code
d
mov ecx,100
L1:
mov count,ecx
mov ecx,20
L2:...
L2:
loop L2
mov ecx,count
loop L1
42
; set outer loop count
; save outer loop count
; set inner loop count
; repeat the inner loop
; restore outer loop count
; repeat the outer loop
43
The following code calculates the sum of an array of
16 bit integers.
16-bit
integers
.data
intarray WORD 100h,200h,300h,400h
.code
mov edi,OFFSET
di OFFSET i
intarray
t
; address
dd
mov ecx,LENGTHOF intarray ; loop counter
mov ax
ax,0
0
; zero the sum
L1:
add ax
ax,[edi]
[edi]
; add an integer
add edi,TYPE intarray
; point to next
p L1
; repeat
p
until ECX = 0
loop
44
Copying a String
g
good
use of
SIZEOF
The following code copies a string from source to target.
.data
source
target
.code
mov
mov
L1:
mov
mov
inc
loop
BYTE
BYTE
"This is the source string",0
SIZEOF source DUP(0)
DUP(0),0
0
Conditional Processing
esi,0
; index register
ecx,SIZEOF source ; loop counter
al,source[esi]
; get char from source
target[esi],al
; store in the target
esi
; move to next char
L1
; repeat for entire string
45
Status flags - review
NOT instruction
• The Zero flag is set when the result of an operation
equals
q
zero.
• The Carry flag is set when an instruction generates a
result that is too large (or too small) for the
destination operand.
• The Sign flag is set if the destination operand is
negative, and it is clear if the destination operand is
positive.
• The
Th Overflow
O fl
flag
fl is
i sett when
h an iinstruction
t ti generates
t
an invalid signed result.
• Less important:
• Performs a bitwise Boolean NOT operation on a
single destination operand
• Syntax: (no flag affected)
– The Parity flag is set when an instruction generates an even number
of 1 bits in the low byte of the destination operand.
– The Auxiliary Carry flag is set when an operation produces a carry out
from bit 3 to bit 4
47
NOT destination
NOT
• Example:
mov al
al, 11110000b
not al
NOT
00111011
11000100
inverted
48
AND instruction
OR instruction
• Performs a bitwise Boolean AND operation
between each pair of matching bits in two
operands
• Syntax:
S t
(O
(O=0,C=0,SZP)
0 C 0 SZP)
• Performs a bitwise Boolean OR operation
between each pair of matching bits in two
operands
• Syntax:
S t
(O
(O=0,C=0,SZP)
0 C 0 SZP)
AND destination, source
AND
OR destination, source
• Example:
• Example:
mov al, 00111011b
and al, 00001111b
AND
cleared
mov dl, 00111011b
or dl, 00001111b
00111011
OR 0 0 0 0 1 1 1 1
00111011
00001111
00001011
bit extraction
OR
unchanged
g
unchanged
00111111
set
49
XOR instruction
50
Applications
• Performs a bitwise Boolean exclusive-OR
operation between each pair of matching bits
in two operands
• Syntax:
S t
(O
(O=0,C=0,SZP)
0 C 0 SZP)
XOR destination, source
(1 of 4)
• Task: Convert the character in AL to upper case.
• Solution: Use the AND instruction to clear bit 5.
mov al,'a'
and al,11011111b
; AL = 01100001b
; AL = 01000001b
XOR
• Example:
mov dl, 00111011b
xor dl, 00001111b
XOR
unchanged
g
00111011
00001111
00110100
inverted
XOR is a useful way to invert the bits in an operand and data encryption
51
52
Applications
Applications
(2 of 4)
• Task: Jump to a label if an integer is even.
• Task: Convert a binary decimal byte into its
equivalent ASCII decimal digit.
digit
• Solution: AND the lowest bit with a 1. If the
result is Zero, the number was even.
• Solution: Use the OR instruction to set bits 4 and 5.
mov al,6
or al,00110000b
,
(3 of 4)
; AL = 00000110b
; AL = 00110110b
mov ax,wordVal
and ax,1
,
jz EvenValue
; low bit set?
; jump if Zero flag set
The ASCII digit '6'
6 = 00110110b
53
Applications
TEST instruction
(4 of 4)
• Performs a nondestructive AND operation between each
pair of matching bits in two operands
• No operands are modified, but the flags are affected.
• Example: jump to a label if either bit 0 or bit 1 in AL is
set.
test al,00000011b
jnz ValueFound
• Task: Jump to a label if the value in AL is not zero.
• Solution: OR the byte with itself, then use the JNZ
(jump if not zero) instruction.
or al,al
jnz IsNotZero
j
54
; j
jump
p if not zero
• Example: jump to a label if neither bit 0 nor bit 1 in
AL is set.
ORi g any number
ORing
b with
ith it
itself
lf d
does nott change
h g it
its value.
l
test al
al,00000011b
00000011b
jz
ValueNotFound
55
56
CMP instruction
CMP instruction
(1 of 3)
• Compares the destination operand to the source
p
operand
• Example: destination > source
– Nondestructive subtraction of source from destination
(destination operand is not changed)
mov al,6
cmp al,5
• Syntax: (OSZCAP)
CMP destination, source
• Example: destination == source
mov al,5
cmp al,5
(2 of 3)
; ZF = 0, CF = 0
(both the Zero and Carry flags are clear)
The comparisons shown so far were unsigned.
unsigned
; Zero flag set
• Example: destination < source
mov al,4
cmp al,5
; Carry flag set
57
CMP instruction
Conditions
(3 of 3)
The comparisons shown here are performed with
signed integers.
• Example: destination > source
mov al,5
cmp al
al,-2
2
58
; Sign flag == Overflow flag
• Example: destination < source
mov al,-1
cmp
c
p al,5
a ,5
; S
Sign
g flag
ag !
!= O
Overflow
e
o flag
ag
59
unsigned
ZF
CF
destination<source
0
1
destination>source
0
0
destination=source
1
0
signed
flags
destination<source
SF != OF
d ti ti
destination>source
SF == OF
destination=source
ZF=1
60
Setting and clearing individual flags
and
or
or
and
d
stc
clc
al,
al,
al
al,
al,
l
0
1
80h
7
7Fh
h
;
;
;
;
;
;
set Zero
clear Zero
set Sign
clear
l
Sign
i
set Carry
clear Carry
mov al, 7Fh
inc al
; set Overflow
or eax,
eax 0
; clear Overflow
Conditional jumps
61
Conditional structures
Jcond instruction
• There are no high-level logic structures such as
if then else in the IA
if-then-else,
IA-32
32 instruction set
set. But
But,
you can use combinations of comparisons and
jumps to implement any logic structure.
structure
• First, an operation such as CMP, AND or SUB is
executed
t d tto modified
difi d the
th CPU fl
flags. SSecond,
d a
conditional jump instruction tests the flags and
changes
h
th
the execution
ti fl
flow accordingly.
di l
• A conditional jump instruction branches to a
label when specific register or flag conditions
are met
J
Jcond
d destination
d ti ti
•
1.
2
2.
3.
4
4.
CMP AL, 0
JZ L1
:
Four groups: (some are the same)
based on specific flag values
based on equality between operands
based on comparisons of unsigned operands
b d on comparisons
based
i
off signed
i
d operands
d
L1
L1:
63
64
Jumps based on specific flags
Jumps based on equality
65
Jumps based on unsigned comparisons
66
Jumps based on signed comparisons
>≧<≦
67
68
Examples
Examples
• Compare unsigned AX to BX, and copy the larger of
tthe
e two into
to a va
variable
able named
a ed Large
a ge
mov Large,bx
cmp
p ax,bx
jna Next
mov Large,ax
N t
Next:
• Find the first even number in an array of unsigned
integers
.date
i tA
intArray
DWORD 7
7,9,3,4,6,1
9 3 4 6 1
.code
...
mov ebx, OFFSET intArray
mov ecx, LENGTHOF intArray
L1:
test DWORD PTR [ebx], 1
jz
found
add
dd ebx,
b
4
loop L1
...
• Compare signed AX to BX, and copy the smaller of
th ttwo into
the
i t a variable
i bl named
d SSmall
ll
mov
cmp
jnl
mov
Next:
Small,ax
b
bx,ax
Next
Small
Small,bx
bx
69
70
BT (Bit Test) instruction
• Copies bit n from an operand into the Carry flag
• Syntax:
S t
BT bitBase,
bitB
n
– bitBase may be r/m16 or r/m32
– n may be r16, r32, or imm8
Conditional loops
• Example: jump to label L1 if bit 9 is set in the
AX register:
bt AX
AX,9
9
jc L1
; CF = bit 9
; jump if Carry
• BTC bitBase, n: bit test
t t and
d complement
l
t
• BTR bitBase, n: bit test and reset (clear)
• BTS bitBase, n: bit test and set
71
LOOPZ and LOOPE
LOOPNZ and LOOPNE
• Syntax:
LOOPNZ destination
d
i
i
LOOPNE destination
• Syntax:
LOOPE destination
LOOPZ destination
• Logic:
• Logic:
– ECX  ECX – 1
– if ECX != 0 and ZF=1, jump to destination
– ECX  ECX – 1;
– if ECX != 0 and ZF=0, jump to destination
• The destination label must be between -128
and +127 bytes from the location of the
following instruction
• Useful when scanning an array for the first
element that meets some condition.
73
74
LOOPNZ example
Exercise ...
The following code finds the first positive value in an array:
Locate the first nonzero value in the array. If none is
found,, let ESI p
point to the sentinel value:
.data
data
array SWORD -3,-6,-1,-10,10,30,40,4
sentinel SWORD 0
.code
d
mov esi,OFFSET array
y
mov ecx,LENGTHOF array
next:
test WORD PTR [esi],8000h
; test sign bit
pushfd
; push flags on stack
add esi,TYPE array
popfd
; pop flags from stack
l
loopnz
next
t
; continue
ti
l
loop
jnz quit
; none found
sub esi,TYPE array
; ESI points to value
quit:
.data
array SWORD 50 DUP(?)
sentinel SWORD 0FFFFh
.code
mov esi,OFFSET array
mov ecx,LENGTHOF array
L1: cmp WORD PTR [esi],0
; check for zero
quit:
75
76
Solution
.data
array SWORD 50
0 DUP(?)
sentinel SWORD 0FFFFh
.code
code
mov esi,OFFSET array
mov ecx,LENGTHOF array
L1:cmp WORD PTR [esi],0 ;
pushfd
;
add esi,TYPE array
popfd
;
loope L1
;
jz quit
;
sub esi,TYPE array
y
;
quit:
Conditional structures
check for zero
push flags on stack
pop flags from stack
continue loop
none found
ESI p
points to value
77
If statements
Block-structured IF statements
if C then T else E
Assembly language programmers can easily translate
logical statements written in C++/Java into assembly
language. For example:
C
if( op1 == op2 )
X = 1;
else
;
X = 2;
JNE else
T
JMP endif
else:
E
mov
cmp
jne
mov
j
jmp
L1: mov
L2:
eax,op1
eax,op2
L1
X,1
L2
X,2
endif:
79
80
Example
Example
Implement the following pseudocode in assembly
language. All values are unsigned:
Implement the following pseudocode in assembly
language. All values are 32-bit signed integers:
if( ebx <= ecx )
{
eax = 5;
5
edx = 6;
}
cmp
ja
mov
mov
ebx,ecx
ebx ecx
next
,
eax,5
edx,6
if( var1
var3 =
else
{
var3 =
var4 =
}
next:
<= var2 )
10;
6;
7;
mov
cmp
jle
j
mov
mov
jmp
L1: mov
L2:
eax
eax,var1
var1
eax,var2
L1
var3,6
var4,7
L2
var3,10
81
Compound expression with AND
82
Compound expression with AND
• When implementing the logical AND operator, consider
that HLLs use short-circuit evaluation
if (al > bl) AND (bl > cl)
X = 1;
• In the following example, if the first expression is false,
the second expression is skipped:
This is one p
possible implementation
p
...
cmp al,bl
; first expression...
ja L1
j
jmp next
L1:
cmp bl,cl
; second expression...
ja L2
jmp next
L2:
; both are true
; set X to 1
mov X,1
next:
if (al > bl) AND (bl > cl)
X = 1;
83
84
Compound expression with AND
Exercise . . .
Implement the following pseudocode in assembly
language. All values are unsigned:
if (al > bl) AND (bl > cl)
X = 1;
But the following implementation uses 29% less code
by reversing the first relational operator. We allow the
program to "fall through" to the second expression:
cmp
jbe
cmp
jbe
mov
next:
al,bl
next
bl,cl
next
X
X,1
1
;
;
;
;
;
if( ebx
&& ecx
{
eax =
edx =
}
first expression...
quit if false
second expression...
quit if false
both are true
cmp
ja
p
cmp
jbe
mov
mov
<= ecx
> edx )
5;
6;
ebx,ecx
ebx ecx
next
ecx,edx
,
next
eax,5
edx,6
next:
(There are multiple correct solutions to this problem
problem.))
85
Compound Expression with OR
86
Compound Expression with OR
• In the following example, if the first expression is true,
the second expression is skipped:
if (al > bl) OR (bl > cl)
X = 1;
if (al > bl) OR (bl > cl)
X = 1;
We can use "fall-through" logic to keep the code as
short as possible:
cmp al,bl
ja L1
cmp bl,cl
jbe next
L1
L1:mov
X
X,1
1
next:
87
; is AL > BL?
; yes
; no: is BL > CL?
; no: skip next statement
; set
t X t
to 1
88
WHILE Loops
Exercise . . .
A WHILE loop is really an IF statement followed by the
body of the loop,
loop followed by an unconditional jump to
the top of the loop. Consider the following example:
Implement the following loop, using unsigned 32-bit
g
integers:
while( ebx <= val1)
{
ebx = ebx + 5;
;
val1 = val1 - 1
}
while( eax < ebx)
eax = eax + 1;
_while:
cmp eax,ebx
jae _endwhile
inc eax
jmp _while
_endwhile:
;
;
;
;
_while:
cmp ebx,val1
ja _endwhile
add ebx,5
dec val1
jmp while
_endwhile:
d hil
check loop condition
false? exit loop
body of loop
repeat the loop
; check loop condition
; false? exit loop
; body of loop
; repeat the loop
89
Example: IF statement nested in a loop
while(eax < ebx)
{
eax++;
if (ebx==ecx)
X=2;
else
X=3;
}
_while:
cmp
j
jae
inc
cmp
jne
mov
jmp
_else:
mov
jmp
_endwhile:
90
Table-driven selection
• Table-driven selection uses a table lookup to
replace
l
a multiway
lti
selection
l ti structure
t t
(switch-case statements in C)
• Create a table containing lookup values and
the offsets of labels or procedures
• Use a loop to search the table
• Suited to a large number of comparisons
eax, ebx
_endwhile
d hil
eax
ebx, ecx
_else
X, 2
_while
while
X, 3
_while
91
92
Table-driven selection
Table-driven selection
Step 2: Use a loop to search the table. When a match is
procedure offset stored in the current
found,, we call the p
table entry:
Step 1: create a table containing lookup values and
procedure offsets:
.data
CaseTable BYTE 'A'
; lookup value
DWORD Process_A ; address of procedure
EntrySize = ($ - CaseTable)
BYTE 'B'
DWORD Process_B
BYTE 'C'
DWORD Process_C
BYTE 'D'
DWORD Process_D
mov ebx,OFFSET CaseTable ; point EBX to the table
mov ecx,NumberOfEntries ; loop counter
L1:cmp al,[ebx]
; match found?
jne L2
; no: continue
call NEAR PTR [ebx + 1] ; yes: call the procedure
jmp
j
p L3
; and exit the loop
p
L2:add ebx,EntrySize
; point to next entry
loop L1
; repeat until ECX = 0
L3:
NumberOfEntries = ($ - CaseTable) / EntrySize
required for procedure
pointers
93
94
Shift and Rotate Instructions
Shift and rotate
•
•
•
•
•
•
•
•
Logical vs Arithmetic Shifts
SHL Instruction
SHR Instruction
SAL and SAR Instructions
ROL Instruction
ROR Instruction
RCL and RCR Instructions
SHLD/SHRD Instructions
96
Logical vs arithmetic shifts
SHL instruction
• A logical shift fills the newly created bit
position with zero:
• The SHL (shift left) instruction performs a
logical left shift on the destination operand,
operand
filling the lowest bit with 0.
0
0
CF
CF
• An arithmetic shift fills the newly created bit
position with a copy of the number
number’ss sign bit:
• Operand types: SHL destination,count
SHL
SHL
SHL
SHL
CF
reg,imm8
mem,imm8
reg,CL
mem,CL
97
Fast multiplication
SHR instruction
• The SHR (shift right) instruction performs a
logical right shift on the destination operand.
operand
The highest bit position is filled with a zero.
Shifting left 1 bit multiplies a number by 2
mov dl,5
shl dl,1
,
98
Before:
00000101
=5
After:
00001010
= 10
0
CF
Shifting left n bits multiplies the operand by 2n
Shifting right n bits divides the operand by 2n
For example,
example 5 * 22 = 20
mov dl,5
shl
hl dl
dl,2
2
mov dl,80
shr dl,1
shr dl,2
; DL = 20
99
; DL = 40
; DL = 10
100
SAL and SAR instructions
ROL instruction
• SAL (shift arithmetic left) is identical to SHL.
• SAR ((shift
hif arithmetic
ih
i right)
i h ) performs
f
a right
i h
arithmetic shift on the destination operand.
• ROL (rotate) shifts each bit to the left
• The highest bit is copied into both the Carry
flag and into the lowest bit
• No bits are lost
CF
CF
• An arithmetic shift preserves the number
number'ss sign.
sign
mov dl,-80
sar dl,1
dl 1
sar dl,2
; DL = -40
40
; DL = -10
mov al,11110000b
rol al,1
; AL = 11100001b
mov dl,3Fh
rol dl
dl,4
4
; DL = F3h
101
102
ROR instruction
RCL instruction
• ROR (rotate right) shifts each bit to the right
• The
Th lowest
l
bit
bi iis copied
i d iinto b
both
h the
h C
Carry fl
flag
and into the highest bit
• No bits are lost
• RCL (rotate carry left) shifts each bit to the left
• Copies
C i the
h C
Carry fl
flag to the
h lleast significant
i ifi
bi
bit
• Copies the most significant bit to the Carry flag
CF
CF
mov al,11110000b
ror al,1
; AL = 01111000b
mov dl,3Fh
ror dl,4
dl 4
; DL = F3h
clc
,
mov bl,88h
rcl bl,1
rcl bl,1
103
;
;
;
;
CF = 0
CF,BL
,
= 0 10001000b
CF,BL = 1 00010000b
CF,BL = 0 00100001b
104
RCR instruction
SHLD instruction
• RCR (rotate carry right) shifts each bit to the
right
• Copies the Carry flag to the most significant bit
• Copies the least significant bit to the Carry flag
• Syntax: (shift left double)
SHLD destination,
d ti ti
source, count
t
• Shifts a destination operand a given number of
bi to the
bits
h lleft
f
• The bit positions opened up by the shift are
filled by the most significant bits of the source
operand
• The source operand is not affected
CF
stc
mov ah,10h
rcr ah,1
; CF = 1
; CF,AH = 00010000 1
; CF,AH = 10001000 0
105
SHLD example
SHRD instruction
• Syntax:
Shift wval 4 bits to the left and replace its lowest 4
bits with the high 4 bits of AX:
.data
wval WORD 9BA6h
.code
d
mov ax,0AC36h
shld wval
wval,ax,4
ax 4
106
wval
AX
Before:
9BA6
AC36
After:
BA6A
AC36
SHRD destination,
d ti ti
source, count
t
• Shifts a destination operand a given number of
bi to the
bits
h right
i h
• The bit positions opened up by the shift are
filled by the least significant bits of the source
operand
• The source operand is not affected
107
108
SHRD example
Shift and rotate applications
•
•
•
•
Shift AX 4 bits to the right and replace its highest 4
bi with
bits
i h the
h llow 4 bi
bits off DX
DX:
mov ax,234Bh
mov dx,7654h
,
shrd ax,dx,4
DX
AX
Before:
7654
234B
After:
7654
4234
Shifting Multiple Doublewords
Binary Multiplication
p y g Binaryy Bits
Displaying
Isolating a Bit String
109
110
Shifting multiple doublewords
Binary multiplication
• Programs sometimes need to shift all bits
within an array,
array as one might when moving a
bitmapped graphic image from one screen
location to another.
another
• The following shifts an array of 3 doublewords 1
bit to the right:
• We already know that SHL performs unsigned
multiplication efficiently when the multiplier is
a power of 2.
• Factor
F t any bi
binary number
b iinto
t powers off 2
2.
shr array[esi + 8],1 ; high dword
rcr array[esi + 4],1 ; middle dword,
rcr array[esi],1
; low dword,
[ i 8]
[esi+8]
[ i 4]
[esi+4]
– For example, to multiply EAX * 36, factor 36 into 32
+ 4 and
d use th
the di
distributive
t ib ti property
t off
multiplication to carry out the operation:
EAX * 36
= EAX * (32 + 4)
= (EAX * 32)+(EAX * 4)
[ i]
[esi]
111
mov
mov
shl
shl
add
eax,123
ebx,eax
eax
eax,5
5
ebx,2
ea
eax,ebx
,eb
112
Displaying binary bits
Isolating a bit string
Algorithm: Shift MSB into the Carry flag; If CF = 1,
append a "1"
1 character to a string; otherwise,
otherwise
append a "0" character. Repeat in a loop, 32
times.
times
• The MS-DOS file date field packs the year
(relative to 1980)
1980), month
month, and day into 16 bits:
DH
0 0 1 0 0 1 1 0
mov ecx,32
,
mov esi,offset buffer
L1: shl eax,1
mov BYTE PTR [esi],'0'
jnc L2
mov BYTE PTR [esi]
[esi],'1'
1
L2: inc esi
loop
p L1
Field:
Bit numbers:
Year
9 15
9-15
DL
0 1 1 0 1 0 1 0
Month
5-8
5
8
Day
0-4
0
4
113
114
Isolating a bit string
mov al,dl
; make a copy of DL
and al
al,00011111b
00011111b ; clear bits 5-7
mov day,al
; save in day variable
mov
shr
and
mov
ax,dx
ax,5
al
al,00001111b
00001111b
month,al
;
;
;
;
make a copy of DX
shift right 5 bits
clear bits 4
4-7
7
save in month variable
mov
shr
mov
add
mov
al,dh
al,1
ah,0
ax,1980
year,ax
;
;
;
;
;
make a copy of DX
shift right 1 bit
clear AH to 0
year is relative to 1980
save in
i year
Multiplication and division
115
MUL instruction
MUL examples
• The MUL (unsigned multiply) instruction
multiplies an 8-,
8 16-,
16 or 32-bit
32 bit operand by
either AL, AX, or EAX.
• The
Th instruction
i
i fformats are:
MUL r/m8
MUL r/m16
Implied operands:
MUL r/m32
100h * 2000h, using 16-bit operands:
.data
The Carry flag indicates
val1 WORD 2000h
whether or not the upper
half of the product
val2
al2 WORD 100h
contains significant digits.
.code
mov ax,val1
mul val2 ; DX:AX=00200000h, CF=1
12345h * 1000h, using 32-bit operands:
mov eax,12345h
mov ebx,1000h
mul ebx
; EDX:EAX=0000000012345000h, CF=0
117
118
IMUL instruction
DIV instruction
• IMUL (signed integer multiply) multiplies an 8-,
16-, or 32
16
32-bit
bit signed operand by either AL
AL, AX
AX,
or EAX (there are one/two/three operand
format))
• Preserves the sign of the product by signextending
g it into the upper
pp half of the
destination register
• The DIV (unsigned divide) instruction performs
8 bit 16
8-bit,
16-bit,
bit and 32
32-bit
bit division on unsigned
integers
• A single
i l operand
d is
i supplied
li d ((register
i t or
memory operand), which is assumed to be the
di i
divisor
• Instruction formats:
Example:
p multiply
p y 48 * 4,, using
g 8-bit operands:
p
mov al,48
mov bl,4
,
imul bl
DIV r/m8
DIV r/m16
DIV r/m32
; AX = 00C0h, OF=1
Default Operands:
OF=1
OF
1 because AH is not a sign extension of AL.
119
120
DIV examples
Signed integer division
• Signed integers must be sign-extended before
division takes place
Divide 8003h by 100h, using 16-bit operands:
mov
mov
mov
div
dx,0
ax,8003h
cx,100h
cx
;
;
;
;
– fill high byte/word/doubleword with a copy of the
y
sign
g bit
low byte/word/doubleword's
clear dividend, high
dividend, low
divisor
AX = 0080h, DX = 3
• For example, the high byte contains a copy of
the sign
g bit from the low byte:
y
Same division, using 32-bit operands:
mov
mov
mov
div
edx,0
eax,8003h
ecx,100h
ecx
;
;
;
;
10001111
clear dividend, high
dividend, low
divisor
EAX=00000080h,EDX=3
11111111
10001111
121
122
CBW, CWD, CDQ instructions
IDIV instruction
• The CBW, CWD, and CDQ instructions
provide
id important
i
t t sign-extension
i
t
i
operations:
• IDIV (signed divide) performs signed integer
di i i
division
• Uses same operands as DIV
– CBW (convert byte to word) extends AL into AH
– CWD (convert word to doubleword) extends AX into DX
– CDQ (convert doubleword to quadword) extends EAX
into EDX
Example: 8-bit division of –48 by 5
mov al
al,-48
-48
cbw
mov bl,5
,
idiv bl
• For
o example:
e a ple:
mov eax,0FFFFFF9Bh
; -101 (32 bits)
cdq
; EDX:EAX = FFFFFFFFFFFFFF9Bh
; -101
101 (64 bi
bits)
)
123
; extend AL into AH
; AL = -9,
AH = -3
124
IDIV examples
Divide overflow
• Divide overflow happens when the quotient is
too large to fit into the destination.
destination
Example: 16-bit division of –48 by 5
mov ax,-48
cwd
; extend AX into DX
mov bx,5
idiv bx
; AX = -9, DX = -3
mov ax, 1000h
mov bl,
bl 10h
div bl
It causes a CPU interrupt and halts the
program. (divided by zero cause similar results)
Example: 32-bit division of –48 by 5
mov eax,-48
cdq
; extend EAX into EDX
mov ebx,5
b 5
idiv ebx
; EAX = -9, EDX = -3
125
126
Implementing arithmetic expressions
• Some good reasons to learn how to implement
expressions:
Arithmetic expressions
– Learn how compilers do it
– Test
T t your understanding
d t di off MUL
MUL, IMUL
IMUL, DIV
DIV, and
d IDIV
– Check for 32-bit overflow
Example: var4 = (var1 + var2) * var3
mov
add
mul
jo
mov
eax,var1
,
eax,var2
var3
TooBig
var4,eax
; check for overflow
; save product
128
Implementing arithmetic expressions
Implementing arithmetic expressions
Example: eax = (-var1 * var2) + var3
Example: var4 = (var1 * -5) / (-var2 % var3);
mov
neg
mul
jo
add
eax
eax,var1
var1
eax
var2
TooBig
eax,var3
mov
neg
cdq
idiv
mov
mov
imul
u
idiv
mov
; check for overflow
Example: var4 = (var1 * 5) / (var2 – 3)
mov
o
mov
mul
mov
sub
div
mov
ea
eax,var1
, a
ebx,5
ebx
ebx,var2
ebx,3
ebx
var4,eax
; left
e t s
side
de
; EDX:EAX = product
; right side
eax,var2
eax
var3
ebx
ebx,edx
edx
eax,-5
var1
a
ebx
var4,eax
; begin right side
;
;
;
;
;
;
;
sign-extend dividend
EDX = remainder
EBX = right side
begin left side
EDX:EAX
:
= left
e t s
side
de
final division
quotient
Sometimes it's easiest to calculate the right-hand term of an
expression first
first.
; final division
129
Exercise . . .
130
Exercise . . .
Implement the following expression using signed 32-bit integers:
Implement the following expression using signed 32-bit integers. Save and
restore ECX and EDX:
eax = (ebx * 20) / ecx
eax = (ecx * edx) / eax
mov eax,20
mul ebx
div ecx
push
push
h
push
mov
mul
pop
div
pop
pop
131
ecx
edx
d
eax
eax,ecx
edx
ecx
ecx
edx
ecx
; EAX needed later
;
;
;
;
left side: EDX:EAX
saved value of EAX
EAX = quotient
restore EDX, ECX
132
Exercise . . .
Implement the following expression using signed 32-bit
integers Do not modify any variables other than var3:
integers.
var3 = (var1 * -var2) / (var3 – ebx)
mov
mov
neg
mul
mov
sub
di
div
mov
eax,var1
edx
edx,var2
var2
edx
edx
ecx,var3
ecx,ebx
ecx
var3,eax
Extended addition and subtraction
; left side: edx:eax
; eax = quotient
i
133
ADC instruction
Extended addition example
• Add two integers of any size
• Pass pointers to the addends (ESI
(ESI, EDI) and sum
(EBX), ECX indicates the number of doublewords
• ADC (add with carry) instruction adds both a
source operand
d and
d the
h contents off the
h C
Carry
flag to a destination operand.
• Example: Add two 32-bit integers (FFFFFFFFh
+ FFFFFFFFh), producing a 64-bit sum:
mov
mov
add
adc
edx,0
eax
eax,0FFFFFFFFh
0FFFFFFFFh
eax,0FFFFFFFFh
edx
edx,0
0 ;EDX:EAX = 00000001FFFFFFFEh
135
L1:
L1
mov eax,[esi] ; get the first integer
adc eax,[edi] ; add the second integer
pushfd
; save the Carry flag
mov [ebx],eax ; store partial sum
add esi,4
; advance all 3 pointers
add edi,4
add
dd ebx,4
b 4
popfd
; restore the Carry flag
loop L1
; repeat the loop
adc word ptr [ebx],0 ; add leftover carry
136
Extended addition example
SBB instruction
.data
op1 QWORD 0A2B2A40674981234h
op2 QWORD 08010870000234502h
sum DWORD 3 dup(?)
; = 0000000122C32B0674BB5736
.code
code
...
mov esi,OFFSET
i OFFSET op1
1 ; first
fi t operand
d
mov edi,OFFSET op2 ; second operand
mov ebx,OFFSET
b OFFSET sum ; sum operand
d
mov ecx,2
; number of doublewords
call Extended_Add
...
• The SBB (subtract with borrow) instruction subtracts
both a source operand and the value of the Carry flag
from a destination operand.
g example
p code p
performs 64-bit
• The following
subtraction. It sets EDX:EAX to 0000000100000000h and
subtracts 1 from this value. The lower 32 bits are
subtracted first, setting the Carry flag. Then the upper
32 bits are subtracted, including the Carry flag:
mov edx,1
d 1
; upper half
h lf
mov eax,0
; lower half
sub
b eax,1
1
; subtract
bt
t 1
sbb edx,0
; subtract upper half
137
Assignment #4 CRC32 checksum
unsigned int crc32(const char* data,
size_t length)
{
// standard polynomial in CRC32
const unsigned int POLY = 0xEDB88320;
// standard initial value in CRC32
unsigned int reminder = 0xFFFFFFFF;
(
_t i = 0;
; i < length;
g ; i++){
){
for(size
// must be zero extended
reminder ^= (unsigned char)data[i];
for(size t bit = 0; bit < 8; bit++)
for(size_t
if(reminder & 0x01)
reminder = (reminder >> 1) ^ POLY;
else
reminder >>= 1;
}
return reminder
i d
^ 0
0xFFFFFFFF;
}
139
138
Related documents
Tutorial-1 Computer Organization
Tutorial-1 Computer Organization
AX 0A000 BCD
AX 0A000 BCD
What is Computer Science? … and why should you care?
What is Computer Science? … and why should you care?
HW - 3 Name: EE390
HW - 3 Name: EE390
Multiprocessor Initialization An introduction to the use of Interprocessor Interrupts
Multiprocessor Initialization An introduction to the use of Interprocessor Interrupts
Download
advertisement