代写代考 BYTE 10h

Assembly Language for x86 Processors 7th Edition
CHAPTER 4: DATA TRANSFERS, ADDRESSING, AND ARITHMETIC

Copyright By PowCoder代写 加微信 powcoder

Chapter Overview
Data Transfer Instructions
Addition and Subtraction
Data-Related Operators and Directives
Indirect Addressing
JMP and LOOP Instructions
64-Bit Programming

Data Transfer Instructions
Operand Types
Instruction Operand Notation
Direct Memory Operands
MOV Instruction
Zero & Sign Extension
XCHG Instruction
Direct-Offset Instructions

Operand Types
Immediate – a constant integer (8, 16, or 32 bits)
value is encoded within the instruction
Register – the name of a register
register name is converted to a number and encoded within the instruction
Memory – reference to a location in memory
memory address is encoded within the instruction, or a register holds the address of a memory location

Instruction Operand Notation

Direct Memory Operands
A direct memory operand is a named reference to storage in memory
The named reference (label) is automatically dereferenced by the assembler
var1 BYTE 10h
mov al,var1 ; AL = 10h
mov al,[var1] ; AL = 10h
alternate format

MOV Instruction

count BYTE 100
wVal WORD 2
mov bl,count
mov ax,wVal
mov count,al

Move from source to destination. Syntax:

MOV destination,source
No more than one memory operand permitted
CS, EIP, and IP cannot be the destination
No immediate to segment reg moves
Both operands must be the same size.

MOV reg,reg
MOV mem,reg
MOV reg,mem
MOV mem,imm
MOV reg,imm

Your turn . . .
bVal BYTE 100
bVal2 BYTE ?
wVal WORD 2
dVal DWORD 5
mov esi,wVal
mov eip,dVal
mov 25,bVal
mov bVal2,bVal
Explain why each of the following MOV statements are invalid:
immediate move to DS not permitted
size mismatch
EIP cannot be the destination
immediate value cannot be destination
memory-to-memory move not permitted

Zero Extension
IRVINE, KIP R. ASSEMBLY LANGUAGE FOR X86 PROCESSORS 6/E, 2010.
When you copy a smaller value into a larger destination, the MOVZX instruction fills (extends) the upper half of the destination with zeros.
val BYTE 10001111b

movzx ax, val
The destination must be a register.
The source cannot be immediate.

Can’t use this, why?
movzx ax, 10001111b

IRVINE, KIP R. ASSEMBLY LANGUAGE FOR X86 PROCESSORS 6/E, 2010.

21.unknown

Sign Extension
The MOVSX instruction fills the upper half of the destination with a copy of the source operand’s sign bit.
mov bl,10001111b
movsx ax, bl
The destination must be a register.
The source cannot be immediate.

Can’t use this, why?
movsx ax, 10001111b

22.unknown

XCHG Instruction
var1 WORD 1000h
var2 WORD 2000h
xchg ax,bx ; exchange 16-bit regs
xchg ah,al ; exchange 8-bit regs
xchg var1,bx ; exchange mem, reg
xchg eax,ebx ; exchange 32-bit regs

xchg var1,var2 ; error: two memory operands
XCHG exchanges the values of two operands. At least one operand must be a register. No immediate operands are permitted.

Direct-Offset Operands
arrayB BYTE 10h,20h,30h,40h
mov al,arrayB+1 ; AL = 20h
mov al,[arrayB+1] ; alternative notation
A constant offset is added to a data label to produce an effective address (EA). The address is dereferenced to get the value inside its memory location.

Direct-Offset Operands (cont)
arrayW WORD 1000h,2000h,3000h
arrayD DWORD 1,2,3,4
mov ax,[arrayW+2] ; AX = 2000h
mov ax,[arrayW+4] ; AX = 3000h
mov eax,[arrayD+4] ; EAX = 00000002h
A constant offset is added to a data label to produce an effective address (EA). The address is dereferenced to get the value inside its memory location.
; Will the following statements assemble?
mov ax,[arrayW-2] ;
mov eax,[arrayD+16] ; the assembler just retrieves a byte of
memory outside the array.

Your turn. . .
IRVINE, KIP R. ASSEMBLY LANGUAGE FOR X86 PROCESSORS 7/E, 2015.
Write a program that rearranges the values of three doubleword values in the following array as: 3, 1, 2.
arrayD DWORD 1,2,3
Step 2: Exchange EAX with the third array value and copy the value in EAX to the first array position.

Step1: copy the first value into EAX and exchange it with the value in the second position.

mov eax,arrayD
xchg eax,[arrayD+4]
xchg eax,[arrayD+8]
mov arrayD,eax
———————
1, 1, 3 eax=2
1, 1, 2 eax=3
———————
eax => arrayD

IRVINE, KIP R. ASSEMBLY LANGUAGE FOR X86 PROCESSORS 7/E, 2015.

Evaluate this . . .
We want to write a program that adds the following three bytes:

myBytes BYTE 80h,66h,0A5h
What is your evaluation of the following code?

mov al,myBytes
add al,[myBytes+1]
add al,[myBytes+2]
What is your evaluation of the following code?

mov ax,myBytes
add ax,[myBytes+1]
add ax,[myBytes+2]
Any other possibilities?

Evaluate this . . . (cont)
myBytes BYTE 80h,66h,0A5h
How about the following code. Is anything missing?

movzx ax,myBytes
mov bl,[myBytes+1]
add ax,bx
mov bl,[myBytes+2]
add ax,bx ; AX = sum
Yes: Move zero to BX before the MOVZX instruction.

Addition and Subtraction
INC and DEC Instructions
ADD and SUB Instructions
NEG Instruction
Implementing Arithmetic Expressions
Flags Affected by Arithmetic

INC and DEC Instructions
Add 1, subtract 1 from destination operand
operand may be register or memory
INC destination
Logic: destination  destination + 1
DEC destination
Logic: destination  destination – 1

INC and DEC Examples
myWord WORD 1000h
myDword DWORD 10000000h
inc myWord ; 1001h
dec myWord ; 1000h
inc myDword ; 10000001h

mov ax,00FFh
inc ax ; AX = 0100h
mov ax,00FFh
inc al ; AX = 0000h

Your turn…
Show the value of the destination operand after each of the following instructions executes:
myByte BYTE 0FFh, 0
mov al,myByte ; AL =
mov ah,[myByte+1] ; AH =
dec ah ; AH =
inc al ; AL =
dec ax ; AX =

ADD and SUB Instructions
ADD destination, source
Logic: destination  destination + source
SUB destination, source
Logic: destination  destination – source
Same operand rules as for the MOV instruction

ADD and SUB Examples
var1 DWORD 10000h
var2 DWORD 20000h
.code ; —EAX—
mov eax,var1 ; 00010000h
add eax,var2 ; 00030000h
add ax,0FFFFh ; 0003FFFFh
add eax,1 ; 00040000h
sub ax,1 ; 0004FFFFh

NEG (negate) Instruction
valB BYTE -1
valW WORD +32767
mov al,valB ; AL = -1
neg al ; AL = +1
neg valW ; valW = -32767
Reverses the sign of an operand. Operand can be a register or memory operand. (Like converting to its Two’s Complement)

NEG Instruction and the Flags
valB BYTE 1,0
valC SBYTE -128
neg valB ; CF = 1, OF = 0
neg [valB + 1] ; CF = 0, OF = 0
neg valC ; CF = 1, OF = 1
The processor implements NEG using the following internal operation:
SUB 0,operand
Any nonzero operand causes the Carry flag to be set.

Implementing Arithmetic Expressions
Rval DWORD ?
Xval DWORD 26
Yval DWORD 30
Zval DWORD 40
mov eax,Xval
neg eax ; EAX = -26
mov ebx,Yval
sub ebx,Zval ; EBX = -10
add eax,ebx
mov Rval,eax ; -36
HLL compilers translate mathematical expressions into assembly language. You can do it also. For example:
Rval = -Xval + (Yval – Zval)

Your turn…
mov ebx,Yval
add ebx,Zval
mov eax,Xval
sub eax,ebx
mov Rval,eax
Translate the following expression into assembly language.
Do not permit Xval, Yval, or Zval to be modified:
Rval = Xval – (-Yval + Zval)
Assume that all values are signed doublewords.

Flags Affected by Arithmetic
The ALU has a number of status flags that reflect the outcome of arithmetic (and bitwise) operations
based on the contents of the destination operand
Essential flags:
Zero flag – set when destination equals zero
Sign flag – set when destination is negative
Carry flag – set when unsigned value is out of range
Overflow flag – set when signed value is out of range
The MOV instruction never affects the flags.

Concept Map
status flags
conditional jumps
branching logic
arithmetic & bitwise operations
attached to
You can use diagrams such as these to express the relationships between assembly language concepts.

Zero Flag (ZF)
sub cx,1 ; CX = 0, ZF = 1
mov ax,0FFFFh
inc ax ; AX = 0, ZF = 1
inc ax ; AX = 1, ZF = 0
The Zero flag is set when the result of an operation produces zero in the destination operand.
Remember…
A flag is set when it equals 1.
A flag is clear when it equals 0.

Sign Flag (SF)
sub cx,1 ; CX = -1, SF = 1
add cx,2 ; CX = 1, SF = 0
The Sign flag is set when the destination operand is negative. The flag is clear when the destination is positive.
The sign flag is a copy of the destination’s highest bit:
sub al,1 ; AL = 11111111b, SF = 1
add al,2 ; AL = 00000001b, SF = 0

Overflow and Carry Flags
A Hardware Viewpoint
How the ADD instruction affects OF and CF:
CF = (carry out of the MSB)
OF = (carry out of the MSB) XOR (carry into the MSB)
How the SUB instruction affects OF and CF:
CF = INVERT (carry out of the MSB)
When a larger unsigned integer is subtracted from a smaller one
negate the source and add it to the destination

OF = (carry out of the MSB) XOR (carry into the MSB)
MSB = Most Significant Bit (high-order bit)
XOR = eXclusive-OR operation
NEG = Negate (same as SUB 0,operand )

Carry Flag (CF)
The Carry flag is set when the result of an operation generates an unsigned value that is out of range (too big or too small for the destination operand).
mov al,0FFh
add al,1 ; CF = 1, AL = 00

; Try to go below zero:

sub al,1 ; CF = 1, AL = FF

How about this, Why?
sub al,1 ; CF = 0, AL = 1

Your turn . . .
mov ax,00FFh
add ax,1 ; AX= SF= ZF= CF=
sub ax,1 ; AX= SF= ZF= CF=
add al,1 ; AL= SF= ZF= CF=
mov bh,6Ch
add bh,95h ; BH= SF= ZF= CF=

sub al,3 ; AL= SF= ZF= CF=
For each of the following marked entries, show the values of the destination operand and the Sign, Zero, and Carry flags:

0100h 0 0 0
00FFh 0 0 0
00h 0 1 1

01h 0 0 1

FFh 1 0 1

Overflow Flag (OF)
The Overflow flag is set when the signed result of an operation is invalid or out of range.
; Example 1
mov al,+127
add al,1 ; OF = 1, AL = ??

; Example 2
mov al,7Fh ; OF = 1, AL = 80h
The two examples are identical at the binary level because 7Fh equals +127. To determine the value of the destination operand, it is often easier to calculate in hexadecimal.

A Rule of Thumb
When adding two integers, remember that the Overflow flag is only set when . . .

Two positive operands are added and their sum is negative
Two negative operands are added and their sum is positive
Overflow never occurs when the signs of two addition operands are different.
What will be the values of the Overflow flag?
mov al,80h
add al,92h ; OF =

add al,+127 ; OF =

Notice: -2 is 1111 1110 (254)

Your turn . . .

mov ax,8000h
add ax,2 ; CF = OF =

sub ax,2 ; CF = OF =

sub al,+125 ; CF = OF =

What will be the values of the given flags after each operation?

0 0

1 0

0 1 AL=7E

Data-Related Operators and Directives
OFFSET Operator
PTR Operator
TYPE Operator
LENGTHOF Operator
SIZEOF Operator
LABEL Directive

OFFSET Operator
OFFSET returns the distance in bytes, of a label from the beginning of its enclosing segment

Protected mode: 32 bits
Real mode: 16 bits
The Protected-mode programs we write use only a single segment (flat memory model).

23.unknown

OFFSET Examples
bVal BYTE ?
wVal WORD ?
dVal DWORD ?
dVal2 DWORD ?

mov esi,OFFSET bVal ; ESI = 00404000
mov esi,OFFSET wVal ; ESI = 00404001
mov esi,OFFSET dVal ; ESI = 00404003
mov esi,OFFSET dVal2 ; ESI = 00404007
Let’s assume that the data segment begins at 00404000h:

Relating to C/C++
// C++ version:

char array[1000];
char * p = array;
The value returned by OFFSET is a pointer. Compare the following code written for both C++ and assembly language:
; Assembly language:

array BYTE 1000 DUP(?)
mov esi,OFFSET array

ALIGN Directive
bVal BYTE 10h ; 0000 0000
wVal WORD 20h ; 0000 0002
bVal2 BYTE 30h ; 0000 0004
dVal DWORD 50h ; 0000 0008
bVal3 BYTE 60h ; 0000 000C
dVal2 DWORD 70h ; 0000 0010
Aligns a variable on a byte, word, dword, or paragraph boundary
Padding to 1, ,2, 4, or 16 bytes in data segments
The CPU can process data stored at even numbered addresses more quickly than those at odd-numbered addresses.

PTR Operator
Overrides the default type of a label (variable). Provides the flexibility to access part of a variable.
Little endian order is used when storing data in memory 12344321h (memory 21 43 34 12)
myDouble DWORD 12345678h
; mov ax,myDouble ; error – why?

mov ax,WORD PTR myDouble ; loads 5678h

mov WORD PTR myDouble,4321h ; saves 4321h
mov EBX, myDouble
; What is myDouble now?

Little Endian Order
Little endian order refers to the way Intel stores integers in memory.
Multi-byte integers are stored in reverse order, with the least significant byte stored at the lowest address
For example, the doubleword 12345678h would be stored as:
When integers are loaded from memory into registers, the bytes are automatically re-reversed into their correct positions.

24.unknown

PTR Operator Examples
myDouble DWORD 12345678h
mov al,BYTE PTR myDouble ; AL = 78h
mov al,BYTE PTR [myDouble+1] ; AL = 56h
mov al,BYTE PTR [myDouble+2] ; AL = 34h
mov ax,WORD PTR myDouble ; AX = 5678h
mov ax,WORD PTR [myDouble+2] ; AX = 1234h

25.unknown

PTR Operator (cont)
myBytes BYTE 12h,34h,56h,78h

mov ax,WORD PTR [myBytes] ; AX = 3412h
mov ax,WORD PTR [myBytes+2] ; AX = 7856h
mov eax,DWORD PTR myBytes ; EAX = 78563412h
PTR can also be used to combine elements of a smaller data type and move them into a larger operand. The CPU will automatically reverse the bytes.

Your turn . . .
varB BYTE 65h,31h,02h,05h
varW WORD 6543h,1202h
varD DWORD 12345678h

mov ax,WORD PTR [varB+2] ; a.
mov bl,BYTE PTR varD ; b.
mov bl,BYTE PTR [varW+2] ; c.
mov ax,WORD PTR [varD+2] ; d.
mov eax,DWORD PTR varW ; e.
Write down the value of each destination operand:

mov ax, word ptr varD+1 ; f.

TYPE Operator
The TYPE operator returns the size, in bytes, of a single element of a data declaration.
var1 BYTE ?
var2 WORD ?
var3 DWORD ?
var4 QWORD ?

mov eax,TYPE var1 ; 1
mov eax,TYPE var2 ; 2
mov eax,TYPE var3 ; 4
mov eax,TYPE var4 ; 8

LENGTHOF Operator
.data LENGTHOF
byte1 BYTE 10,20,30 ; 3
array1 WORD 30 DUP(?),0,0 ; 32
array2 WORD 5 DUP(3 DUP(?)) ; 15
array3 DWORD 1,2,3,4 ; 4
digitStr BYTE “12345678”,0 ; 9

mov ecx,LENGTHOF array1 ; 32
The LENGTHOF operator counts the number of elements in a single data declaration.

SIZEOF Operator
.data SIZEOF
byte1 BYTE 10,20,30 ; 3
array1 WORD 30 DUP(?),0,0 ; 64
array2 WORD 5 DUP(3 DUP(?)) ; 30
array3 DWORD 1,2,3,4 ; 16
digitStr BYTE “12345678”,0 ; 9

mov ecx,SIZEOF array1 ; 64
The SIZEOF operator returns a value that is equivalent to multiplying LENGTHOF by TYPE.

Spanning Multiple Lines (1 of 2)
array WORD 10,20,

mov eax,LENGTHOF array ; 6
mov ebx,SIZEOF array ; 12
A data declaration spans multiple lines if each line (except the last) ends with a comma. The LENGTHOF and SIZEOF operators include all lines belonging to the declaration:

Spanning Multiple Lines (2 of 2)
array WORD 10,20
WORD 30,40
WORD 50,60

mov eax,LENGTHOF array ; 2
mov ebx,SIZEOF array ; 4
In the following example, array identifies only the first WORD declaration. Compare the values returned by LENGTHOF and SIZEOF here to those in the previous slide:

LABEL Directive
Assigns an alternate label name and type to an existing storage location
LABEL does not allocate any storage of its own
Removes the need for the PTR operator
dwList LABEL DWORD
wordList LABEL WORD
intList BYTE 00h,10h,00h,20h
mov eax,dwList ; 20001000h
mov cx,wordList ; 1000h
mov dl,intList ; 00h

Your turn . . .
v16 label word
v32 DWORD 12345678h
mov ax, v16 ; ax =
mov dx, v16 +2 ; dx =

val label dword
v1 WORD 5678h
v2 WORD 1234h
mov eax, val ; eax =

Indirect Addressing
Indirect Operands
Array Sum Example
Indexed Operands

Indirect Operands (1 of 2)
val1 BYTE 10h,20h,30h
mov esi,OFFSET val1
mov al,[esi] ; dereference ESI (AL = 10h)

mov al,[esi] ; AL = 20h

mov al,[esi] ; AL = 30h
Indirect operand can be any 32-bit general-purpose register (EAX, EBX, ECX, EDX, ESI, EDI, EBP, and ESP) surrounded by brackets
An indirect operand holds the address of a variable, usually an array or string. It can be dereferenced (just like a pointer).

Indirect Operands (2 of 2)
myCount WORD 0

mov esi,OFFSET myCount
inc [esi] ; error: ambiguous
inc WORD PTR [esi] ; ok
Use PTR to clarify the size attribute of a memory operand.
The assembler does not know whether ESI points to a byte, word, doubleword, or some other size.

Should PTR be used here?
add [esi],20
yes, because [esi] could point to a byte, word, or doubleword

Array Sum Example
arrayW WORD 1000h,2000h,3000h
mov esi,OFFSET arrayW
mov ax,[esi]
add esi,2 ; or: add esi,TYPE arrayW
add ax,[esi]
add ax,[esi] ; AX = sum of the array
Indirect operands are ideal for traversing an array. Note that the register in brackets must be incremented by a value that matches the array type.

Indexed Operands
arrayW WORD 1000h,2000h,3000h
mov ax,[arrayW + esi] ; AX = 1000h
mov ax,arrayW[esi] ; alternate format
add ax,[arrayW + esi]
An indexed operand adds a constant to a register to generate an effective address. There are two notational forms:
[label + reg] label[reg]

Index Scaling
arrayB BYTE 0,1,2,3,4,5
arrayW WORD 0,1,2,3,4,5
arrayD DWORD 0,1,2,3,4,5

mov al,arrayB[esi*TYPE arrayB] ; 04
mov bx,arrayW[esi*TYPE arrayW] ; 0004
mov edx,arrayD[esi*TYPE arrayD] ; 00000004
You can scale an indirect or indexed operand to the offset of an array element. This is done by multiplying the index by the array’s TYPE:

arrayW WORD 1000h,2000h,3000h
ptrW DWORD arrayW
mov esi,ptrW
mov ax,[esi] ; AX = 1000h
You can declare a pointer variable that contains the offset of another variable.
Alternate format:

ptrW DWORD OFFSET arrayW

PBYTE TYPEDEF PTR BYTE ; PBYTE is a pointer to bytes
ArrayB BYTE 10, 20, 30, 40, 50
P1 PBYTE ?
P2 PBYTE ArrayB
lets you create a user-defined type that has all the status of a built-in type when defining variables

JMP and LOOP Instructions
JMP Instruction
LOOP Instruction
LOOP Example
Summing an Integer Array
Copying a String

JMP Instruction
JMP is an unconditional jump to a label that is usually within the same procedure.
Syntax: JMP target
Logic: EIP  target

A jump outside the current procedure must be to a special type of label called a global label (see Section 5.5.2.3 for details).

LOOP Instruction
The LOOP instruction creates a counting loop
Syntax: LOOP target
ECX  ECX – 1
if ECX != 0, jump to target
Implementation:
The assembler calculates the distance, in bytes, between the offset of the following instruction and the offset of the target label. It is called the relative offset.
The relative offset is added to EIP.

LOOP Example
00000000 66 B8 0000 mov ax,0
00000004 B9 00000005 mov ecx,5

00000009 66 03 C1 L1: add ax,cx
0000000C E2 FB loop L1
The following

程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com